style: format source code
diff --git a/dumper/dumper.c b/dumper/dumper.c
index 8b2ec18..ab45b2f 100644
--- a/dumper/dumper.c
+++ b/dumper/dumper.c
@@ -19,12 +19,12 @@
#endif
typedef struct _FOO {
- char * fieldName;
- int type;
- int value;
- struct _FOO * children;
- int count;
- int group;
+ char* fieldName;
+ int type;
+ int value;
+ struct _FOO* children;
+ int count;
+ int group;
} FOO;
FOO Recipients;
@@ -37,225 +37,180 @@
#endif
FOO AlgorithmMap[38] = {
- { "HSS-LMS", CN_CBOR_INT, -46, NULL, 0, 0},
- { "ECHD-SS+A256KW", CN_CBOR_INT, -34, NULL, 0, 0 },
- { "ECHD-SS+A192KW", CN_CBOR_INT, -33, NULL, 0, 0 },
- { "ECHD-SS+A128KW", CN_CBOR_INT, -32, NULL, 0, 0 },
- { "ECHD-ES+A256KW", CN_CBOR_INT, -31, NULL, 0, 0 },
- { "ECHD-ES+A192KW", CN_CBOR_INT, -30, NULL, 0, 0 },
- { "ECHD-ES+A128KW", CN_CBOR_INT, -29, NULL, 0, 0 },
- { "ECDH-SS + HKDF-512", CN_CBOR_INT, -28, NULL, 0, 0 },
- { "ECDH-SS + HKDF-256", CN_CBOR_INT, -27, NULL, 0, 0 },
- { "ECDH-ES + HKDF-512", CN_CBOR_INT, -26, NULL, 0, 0 },
- { "ECDH-ES + HKDF-256", CN_CBOR_INT, -25, NULL, 0, 0 },
+ {"HSS-LMS", CN_CBOR_INT, -46, NULL, 0, 0},
+ {"ECHD-SS+A256KW", CN_CBOR_INT, -34, NULL, 0, 0},
+ {"ECHD-SS+A192KW", CN_CBOR_INT, -33, NULL, 0, 0},
+ {"ECHD-SS+A128KW", CN_CBOR_INT, -32, NULL, 0, 0},
+ {"ECHD-ES+A256KW", CN_CBOR_INT, -31, NULL, 0, 0},
+ {"ECHD-ES+A192KW", CN_CBOR_INT, -30, NULL, 0, 0},
+ {"ECHD-ES+A128KW", CN_CBOR_INT, -29, NULL, 0, 0},
+ {"ECDH-SS + HKDF-512", CN_CBOR_INT, -28, NULL, 0, 0},
+ {"ECDH-SS + HKDF-256", CN_CBOR_INT, -27, NULL, 0, 0},
+ {"ECDH-ES + HKDF-512", CN_CBOR_INT, -26, NULL, 0, 0},
+ {"ECDH-ES + HKDF-256", CN_CBOR_INT, -25, NULL, 0, 0},
- { "ECDSA 512", CN_CBOR_INT, -9, NULL, 0, 0 },
- { "ECDSA 384", CN_CBOR_INT, -8, NULL, 0, 0 },
- {"ECDSA 256", CN_CBOR_INT, -7, NULL, 0, 0 },
+ {"ECDSA 512", CN_CBOR_INT, -9, NULL, 0, 0},
+ {"ECDSA 384", CN_CBOR_INT, -8, NULL, 0, 0},
+ {"ECDSA 256", CN_CBOR_INT, -7, NULL, 0, 0},
- {"direct", CN_CBOR_INT, -6, NULL, 0, 0 },
+ {"direct", CN_CBOR_INT, -6, NULL, 0, 0},
- {"A256KW", CN_CBOR_INT, -5, NULL, 0, 0 },
- {"A192KW", CN_CBOR_INT, -4, NULL, 0, 0 },
- {"A128KW", CN_CBOR_INT, -3, NULL, 0, 0 },
+ {"A256KW", CN_CBOR_INT, -5, NULL, 0, 0},
+ {"A192KW", CN_CBOR_INT, -4, NULL, 0, 0},
+ {"A128KW", CN_CBOR_INT, -3, NULL, 0, 0},
- {"AES-GCM 128", CN_CBOR_UINT, 1, NULL, 0, 0 },
- {"AES-GCM 192", CN_CBOR_UINT, 2, NULL, 0, 0 },
- {"AES-GCM 256", CN_CBOR_UINT, 3, NULL, 0, 0 },
+ {"AES-GCM 128", CN_CBOR_UINT, 1, NULL, 0, 0},
+ {"AES-GCM 192", CN_CBOR_UINT, 2, NULL, 0, 0},
+ {"AES-GCM 256", CN_CBOR_UINT, 3, NULL, 0, 0},
{"HMAC 256//64", CN_CBOR_UINT, 4, NULL, 0, 0},
- {"HMAC 256//256", CN_CBOR_UINT, 5, NULL, 0, 0 },
- {"HMAC 384//384", CN_CBOR_UINT, 6, NULL, 0, 0 },
- {"HMAC 512//512", CN_CBOR_UINT, 8, NULL, 0, 0 },
+ {"HMAC 256//256", CN_CBOR_UINT, 5, NULL, 0, 0},
+ {"HMAC 384//384", CN_CBOR_UINT, 6, NULL, 0, 0},
+ {"HMAC 512//512", CN_CBOR_UINT, 8, NULL, 0, 0},
- {"AES-CCM-16-64-128", CN_CBOR_UINT, 10, NULL, 0, 0 },
- {"AES-CCM-16-64-256", CN_CBOR_UINT, 11, NULL, 0, 0 },
- {"AES-CCM-16-128-128", CN_CBOR_UINT, 12, NULL, 0, 0 },
- {"AES-CCM-16-128-256", CN_CBOR_UINT, 13, NULL, 0, 0 },
+ {"AES-CCM-16-64-128", CN_CBOR_UINT, 10, NULL, 0, 0},
+ {"AES-CCM-16-64-256", CN_CBOR_UINT, 11, NULL, 0, 0},
+ {"AES-CCM-16-128-128", CN_CBOR_UINT, 12, NULL, 0, 0},
+ {"AES-CCM-16-128-256", CN_CBOR_UINT, 13, NULL, 0, 0},
{"AES-CBC-MAC-128//64", CN_CBOR_UINT, 14, NULL, 0, 0},
{"AES-CBC-MAC-256//64", CN_CBOR_UINT, 15, NULL, 0, 0},
- {"ChaCha20//Poly1305", CN_CBOR_UINT, 24, NULL, 0, 0 },
+ {"ChaCha20//Poly1305", CN_CBOR_UINT, 24, NULL, 0, 0},
{"AES-CBC-MAC-128/128", CN_CBOR_UINT, 25, NULL, 0, 0},
{"AES-CBC-MAC-256/128", CN_CBOR_UINT, 26, NULL, 0, 0},
- {"AES-CCM-64-64-128", CN_CBOR_UINT, 30, NULL, 0, 0 },
- {"AES-CCM-64-64-256", CN_CBOR_UINT, 31, NULL, 0, 0 },
- {"AES-CCM-64-128-128", CN_CBOR_UINT, 32, NULL, 0, 0 },
- {"AES-CCM-64-128-256", CN_CBOR_UINT, 33, NULL, 0, 0 },
+ {"AES-CCM-64-64-128", CN_CBOR_UINT, 30, NULL, 0, 0},
+ {"AES-CCM-64-64-256", CN_CBOR_UINT, 31, NULL, 0, 0},
+ {"AES-CCM-64-128-128", CN_CBOR_UINT, 32, NULL, 0, 0},
+ {"AES-CCM-64-128-256", CN_CBOR_UINT, 33, NULL, 0, 0},
};
-FOO KeyMap[9] = {
- {"kty", CN_CBOR_UINT, 1, NULL, 0, 0 },
- {"kid", CN_CBOR_UINT, 2, NULL, 0, 0 },
- {"alg", CN_CBOR_UINT, 3, AlgorithmMap, _countof(AlgorithmMap), 0 },
- {"key_ops", CN_CBOR_UINT, 4, NULL, 0, 0 },
- {"crv", CN_CBOR_INT, -1, NULL, 0, 2},
- {"x", CN_CBOR_INT, -2, NULL, 0, 2},
- {"y", CN_CBOR_INT, -3, NULL, 0, 2},
- {"d", CN_CBOR_INT, -4, NULL, 0, 2},
- {"k", CN_CBOR_INT, -1, NULL, 0, 4}
-};
+FOO KeyMap[9] = {{"kty", CN_CBOR_UINT, 1, NULL, 0, 0},
+ {"kid", CN_CBOR_UINT, 2, NULL, 0, 0},
+ {"alg", CN_CBOR_UINT, 3, AlgorithmMap, _countof(AlgorithmMap), 0},
+ {"key_ops", CN_CBOR_UINT, 4, NULL, 0, 0},
+ {"crv", CN_CBOR_INT, -1, NULL, 0, 2}, {"x", CN_CBOR_INT, -2, NULL, 0, 2},
+ {"y", CN_CBOR_INT, -3, NULL, 0, 2}, {"d", CN_CBOR_INT, -4, NULL, 0, 2},
+ {"k", CN_CBOR_INT, -1, NULL, 0, 4}};
-FOO Key = {
- NULL, CN_CBOR_MAP, 0, KeyMap, _countof(KeyMap), 0
-};
+FOO Key = {NULL, CN_CBOR_MAP, 0, KeyMap, _countof(KeyMap), 0};
-FOO KeySet = {
- NULL, CN_CBOR_ARRAY, 0, &Key, 1, 0
-};
+FOO KeySet = {NULL, CN_CBOR_ARRAY, 0, &Key, 1, 0};
FOO HeaderMap[27] = {
- { "alg", CN_CBOR_UINT, 1, AlgorithmMap, _countof(AlgorithmMap), 0 },
- { "crit", CN_CBOR_UINT, 2, NULL, 0, 0 },
- { "content type", CN_CBOR_UINT, 3, NULL, 0, 0},
- { "kid", CN_CBOR_UINT, 4, NULL, 0, 0},
- { "iv", CN_CBOR_UINT, 5, NULL, 0, 0 },
- { "partial iv", CN_CBOR_UINT, 6, NULL, 0, 0 },
- { "countersign", CN_CBOR_UINT, 7, Signer, 5, 0 },
- { "op time", CN_CBOR_INT, 8, NULL, 0, 0 },
- { "ephemeral", CN_CBOR_INT, -1, KeyMap, _countof(KeyMap), 50},
-{"salt", CN_CBOR_INT, -20, NULL, 0, 50 },
-{ "U identity", CN_CBOR_INT, -21, NULL, 0, 50 },
-{ "U nonce", CN_CBOR_INT, -22, NULL, 0, 50 },
-{ "U other", CN_CBOR_INT, -23, NULL, 0, 50 },
-{ "V identity", CN_CBOR_INT, -24, NULL, 0, 50 },
-{ "V nonce", CN_CBOR_INT, -25, NULL, 0, 50 },
-{ "V other", CN_CBOR_INT, -26, NULL, 0, 50 },
-{ "static key", CN_CBOR_INT, -2, NULL, 0, 50},
-{ "static kid", CN_CBOR_INT, -3, NULL, 0, 50},
-{"salt", CN_CBOR_INT, -20, NULL, 0, 52 },
-{ "U identity", CN_CBOR_INT, -21, NULL, 0, 52 },
-{ "U nonce", CN_CBOR_INT, -22, NULL, 0, 52 },
-{ "U other", CN_CBOR_INT, -23, NULL, 0, 52 },
-{ "V identity", CN_CBOR_INT, -24, NULL, 0, 52 },
-{ "V nonce", CN_CBOR_INT, -25, NULL, 0, 52 },
-{ "V other", CN_CBOR_INT, -26, NULL, 0, 52 },
-{ "static key", CN_CBOR_INT, -2, NULL, 0, 52 },
-{ "static kid", CN_CBOR_INT, -3, NULL, 0, 52 }
-};
+ {"alg", CN_CBOR_UINT, 1, AlgorithmMap, _countof(AlgorithmMap), 0},
+ {"crit", CN_CBOR_UINT, 2, NULL, 0, 0},
+ {"content type", CN_CBOR_UINT, 3, NULL, 0, 0},
+ {"kid", CN_CBOR_UINT, 4, NULL, 0, 0}, {"iv", CN_CBOR_UINT, 5, NULL, 0, 0},
+ {"partial iv", CN_CBOR_UINT, 6, NULL, 0, 0},
+ {"countersign", CN_CBOR_UINT, 7, Signer, 5, 0},
+ {"op time", CN_CBOR_INT, 8, NULL, 0, 0},
+ {"ephemeral", CN_CBOR_INT, -1, KeyMap, _countof(KeyMap), 50},
+ {"salt", CN_CBOR_INT, -20, NULL, 0, 50},
+ {"U identity", CN_CBOR_INT, -21, NULL, 0, 50},
+ {"U nonce", CN_CBOR_INT, -22, NULL, 0, 50},
+ {"U other", CN_CBOR_INT, -23, NULL, 0, 50},
+ {"V identity", CN_CBOR_INT, -24, NULL, 0, 50},
+ {"V nonce", CN_CBOR_INT, -25, NULL, 0, 50},
+ {"V other", CN_CBOR_INT, -26, NULL, 0, 50},
+ {"static key", CN_CBOR_INT, -2, NULL, 0, 50},
+ {"static kid", CN_CBOR_INT, -3, NULL, 0, 50},
+ {"salt", CN_CBOR_INT, -20, NULL, 0, 52},
+ {"U identity", CN_CBOR_INT, -21, NULL, 0, 52},
+ {"U nonce", CN_CBOR_INT, -22, NULL, 0, 52},
+ {"U other", CN_CBOR_INT, -23, NULL, 0, 52},
+ {"V identity", CN_CBOR_INT, -24, NULL, 0, 52},
+ {"V nonce", CN_CBOR_INT, -25, NULL, 0, 52},
+ {"V other", CN_CBOR_INT, -26, NULL, 0, 52},
+ {"static key", CN_CBOR_INT, -2, NULL, 0, 52},
+ {"static kid", CN_CBOR_INT, -3, NULL, 0, 52}};
FOO RecurseHeaderMap = {
- NULL, CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0
-};
+ NULL, CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0};
FOO EncryptedBody[4] = {
- { "protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0 },
- { "unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0 },
- { "ciphertext", CN_CBOR_BYTES, 0, NULL, 0, 0 },
- { "recipients", CN_CBOR_ARRAY, 0, &Recipients, 1, 0 }
-};
+ {"protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0},
+ {"unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0},
+ {"ciphertext", CN_CBOR_BYTES, 0, NULL, 0, 0},
+ {"recipients", CN_CBOR_ARRAY, 0, &Recipients, 1, 0}};
FOO Recipients = {
- NULL, CN_CBOR_ARRAY, 0, EncryptedBody, _countof(EncryptedBody), 0
-};
+ NULL, CN_CBOR_ARRAY, 0, EncryptedBody, _countof(EncryptedBody), 0};
-FOO MacBody[5] = {
- { "protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0 },
- { "unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0 },
- { "payload", CN_CBOR_BYTES, 0, NULL, 0, 0 },
- { "tag", CN_CBOR_BYTES, 0, NULL, 0, 0 },
- { "recipients", CN_CBOR_ARRAY, 0, &Recipients, 1, 0 }
-};
+FOO MacBody[5] = {{"protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0},
+ {"unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0},
+ {"payload", CN_CBOR_BYTES, 0, NULL, 0, 0},
+ {"tag", CN_CBOR_BYTES, 0, NULL, 0, 0},
+ {"recipients", CN_CBOR_ARRAY, 0, &Recipients, 1, 0}};
FOO Signer[5] = {
- { "protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0 },
- { "unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0 },
- { "signature", CN_CBOR_BYTES, 0, NULL, 0, 0 },
+ {"protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0},
+ {"unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0},
+ {"signature", CN_CBOR_BYTES, 0, NULL, 0, 0},
};
-FOO Signers = {
- NULL, CN_CBOR_ARRAY, 0, Signer, _countof(Signer), 0
-};
+FOO Signers = {NULL, CN_CBOR_ARRAY, 0, Signer, _countof(Signer), 0};
-FOO SignBody[5] = {
- { "protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0 },
- { "unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0 },
- { "payload", CN_CBOR_BYTES, 0, NULL, 0, 0 },
- { "signatures", CN_CBOR_ARRAY, 0, &Signers, 1, 0 }
-};
+FOO SignBody[5] = {{"protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0},
+ {"unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0},
+ {"payload", CN_CBOR_BYTES, 0, NULL, 0, 0},
+ {"signatures", CN_CBOR_ARRAY, 0, &Signers, 1, 0}};
-FOO Sign0Body[4] = {
- { "protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0 },
- { "unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0 },
- { "payload", CN_CBOR_BYTES, 0, NULL, 0, 0 },
- { "signature", CN_CBOR_BYTES, 0, NULL, 0, 0}
-};
+FOO Sign0Body[4] = {{"protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0},
+ {"unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0},
+ {"payload", CN_CBOR_BYTES, 0, NULL, 0, 0},
+ {"signature", CN_CBOR_BYTES, 0, NULL, 0, 0}};
FOO EnvelopedMessage = {
- NULL, CN_CBOR_ARRAY, 0, EncryptedBody, _countof(EncryptedBody), 0
-};
-FOO SignedMessage = {
- NULL, CN_CBOR_ARRAY, 0, SignBody, _countof(SignBody), 0
-};
-FOO Sign0Message = {
- NULL, CN_CBOR_ARRAY, 0, Sign0Body, _countof(Sign0Body), 0
-};
+ NULL, CN_CBOR_ARRAY, 0, EncryptedBody, _countof(EncryptedBody), 0};
+FOO SignedMessage = {NULL, CN_CBOR_ARRAY, 0, SignBody, _countof(SignBody), 0};
+FOO Sign0Message = {NULL, CN_CBOR_ARRAY, 0, Sign0Body, _countof(Sign0Body), 0};
-FOO MacMessage = {
- NULL, CN_CBOR_ARRAY, 0, MacBody, _countof(MacBody), 0
-};
+FOO MacMessage = {NULL, CN_CBOR_ARRAY, 0, MacBody, _countof(MacBody), 0};
FOO EncryptedMessage = {
- NULL, CN_CBOR_ARRAY, 0, EncryptedBody, _countof(EncryptedBody)-1, 0
-};
+ NULL, CN_CBOR_ARRAY, 0, EncryptedBody, _countof(EncryptedBody) - 1, 0};
-FOO EncryptedMessageWithTag = {
- NULL, CN_CBOR_TAG, 997, &EncryptedMessage, 1, 0
-};
+FOO EncryptedMessageWithTag = {NULL, CN_CBOR_TAG, 997, &EncryptedMessage, 1, 0};
-FOO EnvelopedMessageWithTag = {
- NULL, CN_CBOR_TAG, 998, &EnvelopedMessage, 1, 0
-};
+FOO EnvelopedMessageWithTag = {NULL, CN_CBOR_TAG, 998, &EnvelopedMessage, 1, 0};
-FOO SignedMessageWithTag = {
- NULL, CN_CBOR_TAG, 999, &SignedMessage, 1, 0
-};
+FOO SignedMessageWithTag = {NULL, CN_CBOR_TAG, 999, &SignedMessage, 1, 0};
-FOO Sign0MessageWithTag = {
- NULL, CN_CBOR_TAG, 997, &Sign0Message, 1, 0
-};
+FOO Sign0MessageWithTag = {NULL, CN_CBOR_TAG, 997, &Sign0Message, 1, 0};
-FOO MacMessageWithTag = {
- NULL, CN_CBOR_TAG, 996, &MacMessage, 1, 0
-};
+FOO MacMessageWithTag = {NULL, CN_CBOR_TAG, 996, &MacMessage, 1, 0};
-FOO Mac0Body[4] = {
- { "protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0 },
- { "unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0 },
- { "payload", CN_CBOR_BYTES, 0, NULL, 0, 0 },
- { "tag", CN_CBOR_BYTES, 0, NULL, 0, 0 }
-};
+FOO Mac0Body[4] = {{"protected", CN_CBOR_BYTES, 0, &RecurseHeaderMap, 1, 0},
+ {"unprotected", CN_CBOR_MAP, 0, HeaderMap, _countof(HeaderMap), 0},
+ {"payload", CN_CBOR_BYTES, 0, NULL, 0, 0},
+ {"tag", CN_CBOR_BYTES, 0, NULL, 0, 0}};
-FOO Mac0Message = {
- NULL, CN_CBOR_ARRAY, 0, Mac0Body, _countof(Mac0Body), 0
-};
+FOO Mac0Message = {NULL, CN_CBOR_ARRAY, 0, Mac0Body, _countof(Mac0Body), 0};
-FOO Mac0MessageWithTag = {
- NULL, CN_CBOR_TAG, 995, &Mac0Message, 1, 0
-};
+FOO Mac0MessageWithTag = {NULL, CN_CBOR_TAG, 995, &Mac0Message, 1, 0};
size_t WrapLineAt = 0;
-char OutputBuffer[4*4096];
+char OutputBuffer[4 * 4096];
-void WrapPrintF(FILE * fp, char * format, ...)
+void WrapPrintF(FILE* fp, char* format, ...)
{
va_list args;
- char buffer[10000];
- char * iRet;
+ char buffer[10000];
+ char* iRet;
va_start(args, format);
vsprintf(buffer, format, args);
if (WrapLineAt == 0) {
fprintf(fp, "%s", buffer);
- va_end(args);
+ va_end(args);
return;
}
strcat_s(OutputBuffer, sizeof(OutputBuffer), buffer);
while ((iRet = strchr(OutputBuffer, '\n'))) {
- char * t = OutputBuffer;
+ char* t = OutputBuffer;
*iRet = 0;
while (strlen(t) > WrapLineAt) {
@@ -269,7 +224,8 @@
fprintf(fp, "%s", t);
fprintf(fp, "\n");
- if (strlen(OutputBuffer) + strlen(iRet + 1) >= sizeof(OutputBuffer)-1) {
+ if (strlen(OutputBuffer) + strlen(iRet + 1) >=
+ sizeof(OutputBuffer) - 1) {
fprintf(stderr, "Internal buffer too small for dumping");
exit(1);
}
@@ -279,28 +235,29 @@
va_end(args);
}
-
-void Indent(FILE * fp, int depth)
+void Indent(FILE* fp, int depth)
{
int i;
- for (i = 0; i < depth; i++) WrapPrintF(fp, " ");
+ for (i = 0; i < depth; i++)
+ WrapPrintF(fp, " ");
}
-
void PrintUsage()
{
- fprintf(stderr, "dumper [<filein> [<fileout>]]\n");
- exit(1);
+ fprintf(stderr, "dumper [<filein> [<fileout>]]\n");
+ exit(1);
}
-void DumpBytes(FILE * fp, const cn_cbor* cbor)
+void DumpBytes(FILE* fp, const cn_cbor* cbor)
{
int i;
int fText = true;
for (i = 0; i < cbor->length; i++) {
- if ((cbor->v.bytes[i] < 32) || (cbor->v.bytes[i] > 126) || (cbor->v.bytes[i] == '\'')) fText = false;
+ if ((cbor->v.bytes[i] < 32) || (cbor->v.bytes[i] > 126) ||
+ (cbor->v.bytes[i] == '\''))
+ fText = false;
}
if (fText && (cbor->length > 0)) {
@@ -309,8 +266,7 @@
WrapPrintF(fp, "%c", cbor->v.bytes[i]);
}
WrapPrintF(fp, "'");
- }
- else {
+ } else {
WrapPrintF(fp, "h'");
for (i = 0; i < cbor->length; i++) {
WrapPrintF(fp, "%02x", cbor->v.bytes[i]);
@@ -319,277 +275,318 @@
}
}
-void DumpTree(const cn_cbor * cbor, FILE * out, const FOO *pFOO, int depth, int fField, int fValue, int fInComment)
+void DumpTree(const cn_cbor* cbor,
+ FILE* out,
+ const FOO* pFOO,
+ int depth,
+ int fField,
+ int fValue,
+ int fInComment)
{
int i;
int i2;
- const cn_cbor * cbor2;
- const FOO * pFoo2;
+ const cn_cbor* cbor2;
+ const FOO* pFoo2;
int group;
if (pFOO != NULL) {
switch (pFOO->type) {
- case CN_CBOR_TAG:
- if (cbor->type != CN_CBOR_TAG) pFOO = NULL;
- break;
- default:
- break;
+ case CN_CBOR_TAG:
+ if (cbor->type != CN_CBOR_TAG)
+ pFOO = NULL;
+ break;
+ default:
+ break;
}
}
if (fField && (pFOO != NULL) && (pFOO->fieldName != NULL)) {
- if (fInComment) WrapPrintF(out, "\\ %s \\ ", pFOO -> fieldName);
- else WrapPrintF(out, "/ %s / ", pFOO->fieldName);
+ if (fInComment)
+ WrapPrintF(out, "\\ %s \\ ", pFOO->fieldName);
+ else
+ WrapPrintF(out, "/ %s / ", pFOO->fieldName);
}
switch (cbor->type) {
- case CN_CBOR_TAG:
- WrapPrintF(out, "%u(\n", cbor->v.uint);
- Indent(out, depth + 1);
- DumpTree(cbor->last_child, out, pFOO != NULL ? pFOO->children : NULL, depth+1, true, true, fInComment);
- WrapPrintF(out, "\n");
- Indent(out, depth);
- WrapPrintF(out, ")");
- break;
-
- case CN_CBOR_ARRAY:
- WrapPrintF(out, "[");
- cbor2 = cbor->first_child;
- for (i = 0; i < cbor->length; i++, cbor2 = cbor2->next) {
- if (i != 0) WrapPrintF(out, ", ");
- if (pFOO == NULL) pFoo2 = NULL;
- else if (pFOO->count == 1) pFoo2 = pFOO->children;
- else if (i >= pFOO->count) pFoo2 = NULL;
- else pFoo2 = &pFOO->children[i];
-
- WrapPrintF(out, "\n");
+ case CN_CBOR_TAG:
+ WrapPrintF(out, "%u(\n", cbor->v.uint);
Indent(out, depth + 1);
- DumpTree(cbor2, out, pFoo2, depth + 1, true, true, fInComment);
- }
- if (i > 0) {
+ DumpTree(cbor->last_child, out,
+ pFOO != NULL ? pFOO->children : NULL, depth + 1, true, true,
+ fInComment);
WrapPrintF(out, "\n");
Indent(out, depth);
- }
- WrapPrintF(out, "]");
- break;
+ WrapPrintF(out, ")");
+ break;
- case CN_CBOR_MAP:
- WrapPrintF(out, "{");
- cbor2 = cbor->first_child;
- // Determine the correct group - always assume it is at element UINT=1
- group = 0;
- for (i = 0; i < cbor->length; i+=2, cbor2 = cbor2->next->next) {
- if ((cbor2->type == CN_CBOR_UINT) && (cbor2->v.uint == 1)) {
- group = (int) cbor2->next->v.uint;
- break;
+ case CN_CBOR_ARRAY:
+ WrapPrintF(out, "[");
+ cbor2 = cbor->first_child;
+ for (i = 0; i < cbor->length; i++, cbor2 = cbor2->next) {
+ if (i != 0)
+ WrapPrintF(out, ", ");
+ if (pFOO == NULL)
+ pFoo2 = NULL;
+ else if (pFOO->count == 1)
+ pFoo2 = pFOO->children;
+ else if (i >= pFOO->count)
+ pFoo2 = NULL;
+ else
+ pFoo2 = &pFOO->children[i];
+
+ WrapPrintF(out, "\n");
+ Indent(out, depth + 1);
+ DumpTree(cbor2, out, pFoo2, depth + 1, true, true, fInComment);
}
- }
+ if (i > 0) {
+ WrapPrintF(out, "\n");
+ Indent(out, depth);
+ }
+ WrapPrintF(out, "]");
+ break;
- cbor2 = cbor->first_child;
- // Dump each element
- for (i = 0; i < cbor->length; i+=2, cbor2 = cbor2->next) {
- pFoo2 = NULL;
- if (pFOO != NULL) {
- // Locate the right entry in foo
- for (i2 = 0, pFoo2 = pFOO->children; i2 < pFOO->count; pFoo2++, i2 += 1) {
- if ((unsigned)pFoo2->type != cbor2->type) continue;
- switch (cbor2->type) {
- case CN_CBOR_UINT:
- if ((group != 0) && (pFoo2->group != 0) && (pFoo2->group != group)) continue;
- if (pFoo2->value == (int) cbor2->v.uint) i2 = pFOO->count + 1;
- break;
-
- case CN_CBOR_INT:
- if ((group != 0) && (pFoo2->group != 0) && (pFoo2->group != group)) continue;
- if (pFoo2->value == cbor2->v.sint) i2 = pFOO->count + 1;
- break;
-
- default:
- // Should assert here?
- break;
- }
-
- if (i2 == pFOO->count + 1) break;
+ case CN_CBOR_MAP:
+ WrapPrintF(out, "{");
+ cbor2 = cbor->first_child;
+ // Determine the correct group - always assume it is at element
+ // UINT=1
+ group = 0;
+ for (i = 0; i < cbor->length; i += 2, cbor2 = cbor2->next->next) {
+ if ((cbor2->type == CN_CBOR_UINT) && (cbor2->v.uint == 1)) {
+ group = (int)cbor2->next->v.uint;
+ break;
}
- if (i2 == pFOO->count) pFoo2 = NULL;
}
- if (i != 0) WrapPrintF(out, ", ");
- WrapPrintF(out, "\n");
- Indent(out, depth + 1);
- DumpTree(cbor2, out, pFoo2, depth + 1, true, false, fInComment);
- WrapPrintF(out, ":");
- cbor2 = cbor2->next;
- DumpTree(cbor2, out, pFoo2, depth + 1, false, true, fInComment);
- }
- if (i > 0) {
- WrapPrintF(out, "\n");
- Indent(out, depth);
- }
+
+ cbor2 = cbor->first_child;
+ // Dump each element
+ for (i = 0; i < cbor->length; i += 2, cbor2 = cbor2->next) {
+ pFoo2 = NULL;
+ if (pFOO != NULL) {
+ // Locate the right entry in foo
+ for (i2 = 0, pFoo2 = pFOO->children; i2 < pFOO->count;
+ pFoo2++, i2 += 1) {
+ if ((unsigned)pFoo2->type != cbor2->type)
+ continue;
+ switch (cbor2->type) {
+ case CN_CBOR_UINT:
+ if ((group != 0) && (pFoo2->group != 0) &&
+ (pFoo2->group != group))
+ continue;
+ if (pFoo2->value == (int)cbor2->v.uint)
+ i2 = pFOO->count + 1;
+ break;
+
+ case CN_CBOR_INT:
+ if ((group != 0) && (pFoo2->group != 0) &&
+ (pFoo2->group != group))
+ continue;
+ if (pFoo2->value == cbor2->v.sint)
+ i2 = pFOO->count + 1;
+ break;
+
+ default:
+ // Should assert here?
+ break;
+ }
+
+ if (i2 == pFOO->count + 1)
+ break;
+ }
+ if (i2 == pFOO->count)
+ pFoo2 = NULL;
+ }
+ if (i != 0)
+ WrapPrintF(out, ", ");
+ WrapPrintF(out, "\n");
+ Indent(out, depth + 1);
+ DumpTree(cbor2, out, pFoo2, depth + 1, true, false, fInComment);
+ WrapPrintF(out, ":");
+ cbor2 = cbor2->next;
+ DumpTree(cbor2, out, pFoo2, depth + 1, false, true, fInComment);
+ }
+ if (i > 0) {
+ WrapPrintF(out, "\n");
+ Indent(out, depth);
+ }
WrapPrintF(out, "}");
- break;
+ break;
- case CN_CBOR_BYTES:
- DumpBytes(out, cbor);
- if ((pFOO != NULL) && (pFOO->children != NULL)) {
- const cn_cbor * cbor3 = cn_cbor_decode(cbor->v.bytes, cbor->length CBOR_CONTEXT_PARAM, NULL);
- if (cbor3 != NULL) {
- WrapPrintF(out, fInComment ? " \\ " : " / ");
- DumpTree(cbor3, out, pFOO->children, depth+1, true, true, true);
- WrapPrintF(out, fInComment ? " \\ " : " / ");
- }
- }
- break;
-
- case CN_CBOR_INT:
- WrapPrintF(out, "%d", cbor->v.sint);
- if (fValue && pFOO != NULL) {
- for (i = 0, pFoo2 = pFOO->children; i < pFOO->count; i++, pFoo2++) {
- if ((pFoo2->type == CN_CBOR_INT) && (pFoo2->value == cbor->v.sint)) {
- if (pFoo2->fieldName != NULL) {
- if (fInComment) WrapPrintF(out, " \\ %s \\", pFoo2->fieldName);
- else WrapPrintF(out, " / %s /", pFoo2->fieldName);
- }
- break;
+ case CN_CBOR_BYTES:
+ DumpBytes(out, cbor);
+ if ((pFOO != NULL) && (pFOO->children != NULL)) {
+ const cn_cbor* cbor3 = cn_cbor_decode(
+ cbor->v.bytes, cbor->length CBOR_CONTEXT_PARAM, NULL);
+ if (cbor3 != NULL) {
+ WrapPrintF(out, fInComment ? " \\ " : " / ");
+ DumpTree(cbor3, out, pFOO->children, depth + 1, true, true,
+ true);
+ WrapPrintF(out, fInComment ? " \\ " : " / ");
}
}
- }
- break;
+ break;
- case CN_CBOR_UINT:
- WrapPrintF(out, "%u", cbor->v.uint);
- if (fValue && (pFOO != NULL)) {
- for (i = 0, pFoo2 = pFOO->children; i < pFOO->count; i++, pFoo2++) {
- if ((pFoo2->type == CN_CBOR_UINT) && (pFoo2->value == (int) cbor->v.uint)) {
- if (pFoo2->fieldName != NULL) {
- if (fInComment) WrapPrintF(out, " \\ %s \\", pFoo2->fieldName);
- else WrapPrintF(out, " / %s /", pFoo2->fieldName);
+ case CN_CBOR_INT:
+ WrapPrintF(out, "%d", cbor->v.sint);
+ if (fValue && pFOO != NULL) {
+ for (i = 0, pFoo2 = pFOO->children; i < pFOO->count;
+ i++, pFoo2++) {
+ if ((pFoo2->type == CN_CBOR_INT) &&
+ (pFoo2->value == cbor->v.sint)) {
+ if (pFoo2->fieldName != NULL) {
+ if (fInComment)
+ WrapPrintF(out, " \\ %s \\", pFoo2->fieldName);
+ else
+ WrapPrintF(out, " / %s /", pFoo2->fieldName);
+ }
+ break;
}
- break;
}
}
- }
- break;
+ break;
- case CN_CBOR_TEXT:
- WrapPrintF(out, "\"");
- for (i = 0; i < cbor->length; i++) {
- if (fInComment && (cbor->v.str[i] == '/')) {
+ case CN_CBOR_UINT:
+ WrapPrintF(out, "%u", cbor->v.uint);
+ if (fValue && (pFOO != NULL)) {
+ for (i = 0, pFoo2 = pFOO->children; i < pFOO->count;
+ i++, pFoo2++) {
+ if ((pFoo2->type == CN_CBOR_UINT) &&
+ (pFoo2->value == (int)cbor->v.uint)) {
+ if (pFoo2->fieldName != NULL) {
+ if (fInComment)
+ WrapPrintF(out, " \\ %s \\", pFoo2->fieldName);
+ else
+ WrapPrintF(out, " / %s /", pFoo2->fieldName);
+ }
+ break;
+ }
+ }
+ }
+ break;
+
+ case CN_CBOR_TEXT:
+ WrapPrintF(out, "\"");
+ for (i = 0; i < cbor->length; i++) {
+ if (fInComment && (cbor->v.str[i] == '/')) {
+ WrapPrintF(out, "%c", cbor->v.str[i]);
+ }
WrapPrintF(out, "%c", cbor->v.str[i]);
}
- WrapPrintF(out, "%c", cbor->v.str[i]);
- }
- WrapPrintF(out, "\"");
- break;
+ WrapPrintF(out, "\"");
+ break;
- case CN_CBOR_TRUE:
- WrapPrintF(out, "true");
- break;
+ case CN_CBOR_TRUE:
+ WrapPrintF(out, "true");
+ break;
- case CN_CBOR_FALSE:
- WrapPrintF(out, "false");
- break;
+ case CN_CBOR_FALSE:
+ WrapPrintF(out, "false");
+ break;
- default:
- WrapPrintF(out, "##");
- break;
+ default:
+ WrapPrintF(out, "##");
+ break;
}
}
-
-int main(int argc, char ** argv)
+int main(int argc, char** argv)
{
- int i;
- FILE * in = NULL;
- FILE * out = NULL;
- byte * pb = NULL;
- size_t cb = 0;
- byte rgb[2048];
- size_t cbIn;
- int forXML = false;
- FOO * root = NULL;
+ int i;
+ FILE* in = NULL;
+ FILE* out = NULL;
+ byte* pb = NULL;
+ size_t cb = 0;
+ byte rgb[2048];
+ size_t cbIn;
+ int forXML = false;
+ FOO* root = NULL;
- for (i=1; i<argc; i++) {
- if ((argv[i][0] == '-') || (argv[i][0] == '/')) {
- if (strcmp(&argv[i][1], "someoption") == 0) {
- }
- else if (strcmp(&argv[i][1], "xml=yes") == 0) {
+ for (i = 1; i < argc; i++) {
+ if ((argv[i][0] == '-') || (argv[i][0] == '/')) {
+ if (strcmp(&argv[i][1], "someoption") == 0) {
+ } else if (strcmp(&argv[i][1], "xml=yes") == 0) {
forXML = true;
- }
- else if (strcmp(&argv[i][1], "xml=no") == 0) forXML = false;
+ } else if (strcmp(&argv[i][1], "xml=no") == 0)
+ forXML = false;
else if (strncmp(&argv[i][1], "wrap=", 5) == 0) {
WrapLineAt = atoi(&argv[i][6]);
+ } else if (strncmp(&argv[i][1], "type=", 5) == 0) {
+ if (strcmp(&argv[i][1], "type=encrypt") == 0)
+ root = &EncryptedMessage;
+ else if (strcmp(&argv[i][1], "type=envelope") == 0)
+ root = &EnvelopedMessage;
+ else if (strcmp(&argv[i][1], "type=signed") == 0)
+ root = &SignedMessage;
+ else if (strcmp(&argv[i][1], "type=mac") == 0)
+ root = &MacMessage;
+ else if (strcmp(&argv[i][1], "type=mac0") == 0)
+ root = &Mac0Message;
+ else if (strcmp(&argv[i][1], "type=keyset") == 0)
+ root = &KeySet;
+ else if (strcmp(&argv[i][1], "type=key") == 0)
+ root = &Key;
+ else
+ PrintUsage();
+ } else {
+ PrintUsage();
+ exit(1);
}
- else if (strncmp(&argv[i][1], "type=", 5) == 0) {
- if (strcmp(&argv[i][1], "type=encrypt") == 0) root = &EncryptedMessage;
- else if (strcmp(&argv[i][1], "type=envelope") == 0) root = &EnvelopedMessage;
- else if (strcmp(&argv[i][1], "type=signed") == 0) root = &SignedMessage;
- else if (strcmp(&argv[i][1], "type=mac") == 0) root = &MacMessage;
- else if (strcmp(&argv[i][1], "type=mac0") == 0) root = &Mac0Message;
- else if (strcmp(&argv[i][1], "type=keyset") == 0) root = &KeySet;
- else if (strcmp(&argv[i][1], "type=key") == 0) root = &Key;
- else PrintUsage();
+ } else {
+ if (in == NULL) {
+ in = fopen(argv[i], "rb");
+ if (in == NULL) {
+ fprintf(stderr, "Unable to open file '%s'\n", argv[i]);
+ exit(1);
+ }
+ } else if (out == NULL) {
+ out = fopen(argv[i], "wt");
+ if (out == NULL) {
+ fprintf(stderr, "Unable to open file '%s'\n", argv[i]);
+ exit(1);
+ }
+ } else {
+ PrintUsage();
+ exit(1);
}
- else {
- PrintUsage();
- exit(1);
- }
- }
- else {
- if (in == NULL) {
- in = fopen(argv[i], "rb");
- if (in == NULL) {
- fprintf(stderr, "Unable to open file '%s'\n", argv[i]);
- exit(1);
- }
- }
- else if (out == NULL) {
- out = fopen(argv[i], "wt");
- if (out == NULL) {
- fprintf(stderr, "Unable to open file '%s'\n", argv[i]);
- exit(1);
- }
- }
- else {
- PrintUsage();
- exit(1);
- }
- }
- }
+ }
+ }
- // Set defaults
+ // Set defaults
- if (in == NULL) {
+ if (in == NULL) {
#ifdef _WIN32
- in = stdin;
- _setmode(_fileno(stdin), _O_BINARY);
+ in = stdin;
+ _setmode(_fileno(stdin), _O_BINARY);
#else
- in = stdin; // fdreopen(_fileno(stdin), NULL, O_RDONLY | OPEN_O_BINARY);
+ in = stdin; // fdreopen(_fileno(stdin), NULL, O_RDONLY |
+ // OPEN_O_BINARY);
#endif
- }
- if (out == NULL) out = stdout;
-
- // Read the input to a buffer - needed for the parser
+ }
+ if (out == NULL)
+ out = stdout;
+
+ // Read the input to a buffer - needed for the parser
cbIn = 1;
- while (cbIn > 0) {
- cbIn = fread(rgb, 1, sizeof(rgb), in);
- if (cbIn == 0) {
- // finished
- break;
- }
+ while (cbIn > 0) {
+ cbIn = fread(rgb, 1, sizeof(rgb), in);
+ if (cbIn == 0) {
+ // finished
+ break;
+ }
- pb = realloc(pb, cb+cbIn);
- if (pb == NULL) {
- fprintf(stderr, "Error allocating memory\n");
- exit(1);
- }
- memcpy(pb+cb, rgb, cbIn);
- cb += cbIn;
- }
+ pb = realloc(pb, cb + cbIn);
+ if (pb == NULL) {
+ fprintf(stderr, "Error allocating memory\n");
+ exit(1);
+ }
+ memcpy(pb + cb, rgb, cbIn);
+ cb += cbIn;
+ }
- // Parse it
+ // Parse it
- cn_cbor * cbor = cn_cbor_decode(pb, cb CBOR_CONTEXT_PARAM, NULL);
+ cn_cbor* cbor = cn_cbor_decode(pb, cb CBOR_CONTEXT_PARAM, NULL);
if (cbor == NULL) {
fprintf(stderr, "Error parsing CBOR");
exit(1);
@@ -598,26 +595,38 @@
if (root == NULL) {
if (cbor->type == CN_CBOR_TAG) {
switch (cbor->v.sint) {
- case 98: root = &SignedMessageWithTag; break;
- case 96: root = &EnvelopedMessageWithTag; break;
- case 16: root = &EncryptedMessageWithTag; break;
- case 97: root = &MacMessageWithTag; break;
- case 17: root = &Mac0MessageWithTag; break;
- case 18: root = &Sign0MessageWithTag; break;
+ case 98:
+ root = &SignedMessageWithTag;
+ break;
+ case 96:
+ root = &EnvelopedMessageWithTag;
+ break;
+ case 16:
+ root = &EncryptedMessageWithTag;
+ break;
+ case 97:
+ root = &MacMessageWithTag;
+ break;
+ case 17:
+ root = &Mac0MessageWithTag;
+ break;
+ case 18:
+ root = &Sign0MessageWithTag;
+ break;
}
}
}
if (forXML) {
- fprintf(out, "<t>Size of binary file is %lu bytes</t>\n\n", (unsigned long) cb);
+ fprintf(out, "<t>Size of binary file is %lu bytes</t>\n\n",
+ (unsigned long)cb);
fprintf(out, "<figure><artwork type='CBORdiag'><![CDATA[\n");
}
- DumpTree(cbor, out, root, 0, true, true, false);
+ DumpTree(cbor, out, root, 0, true, true, false);
WrapPrintF(out, "\n");
if (forXML) {
fprintf(out, "]]></artwork></figure>\n");
}
}
-
diff --git a/include/cose/cose.h b/include/cose/cose.h
index e84235f..471a102 100644
--- a/include/cose/cose.h
+++ b/include/cose/cose.h
@@ -10,20 +10,20 @@
typedef unsigned char byte;
-typedef struct _cose * HCOSE;
-typedef struct _cose_sign * HCOSE_SIGN;
-typedef struct _cose_signer * HCOSE_SIGNER;
-typedef struct _cose_sign1 * HCOSE_SIGN1;
-typedef struct _cose_encrypt * HCOSE_ENCRYPT;
-typedef struct _cose_enveloped * HCOSE_ENVELOPED;
-typedef struct _cose_recipient * HCOSE_RECIPIENT;
-typedef struct _cose_mac * HCOSE_MAC;
-typedef struct _cose_mac0 * HCOSE_MAC0;
-typedef struct _cose_counterSignature * HCOSE_COUNTERSIGN;
+typedef struct _cose* HCOSE;
+typedef struct _cose_sign* HCOSE_SIGN;
+typedef struct _cose_signer* HCOSE_SIGNER;
+typedef struct _cose_sign1* HCOSE_SIGN1;
+typedef struct _cose_encrypt* HCOSE_ENCRYPT;
+typedef struct _cose_enveloped* HCOSE_ENVELOPED;
+typedef struct _cose_recipient* HCOSE_RECIPIENT;
+typedef struct _cose_mac* HCOSE_MAC;
+typedef struct _cose_mac0* HCOSE_MAC0;
+typedef struct _cose_counterSignature* HCOSE_COUNTERSIGN;
/**
-* All of the different kinds of errors
-*/
+ * All of the different kinds of errors
+ */
typedef enum cose_error {
/** No error has occurred */
COSE_ERR_NONE,
@@ -49,14 +49,14 @@
} cose_error;
typedef enum cose_init_flags {
- COSE_INIT_FLAGS_NONE=0,
- COSE_INIT_FLAGS_DETACHED_CONTENT=1,
- COSE_INIT_FLAGS_NO_CBOR_TAG=2,
- COSE_INIT_FLAGS_ZERO_FORM=4
+ COSE_INIT_FLAGS_NONE = 0,
+ COSE_INIT_FLAGS_DETACHED_CONTENT = 1,
+ COSE_INIT_FLAGS_NO_CBOR_TAG = 2,
+ COSE_INIT_FLAGS_ZERO_FORM = 4
} COSE_INIT_FLAGS;
/**
-* Errors
-*/
+ * Errors
+ */
typedef struct _cose_errback {
/** The error, or CN_CBOR_NO_ERROR if none */
cose_error err;
@@ -75,15 +75,17 @@
// Generic functions for the COSE library
-HCOSE COSE_Decode(const byte * rgbData, size_t cbData, int * type, COSE_object_type struct_type, CBOR_CONTEXT_COMMA cose_errback * perr); // Decode the object
-size_t COSE_Encode(HCOSE msg, byte * rgb, size_t ib, size_t cb);
+HCOSE COSE_Decode(const byte* rgbData,
+ size_t cbData,
+ int* type,
+ COSE_object_type struct_type,
+ CBOR_CONTEXT_COMMA cose_errback* perr); // Decode the object
+size_t COSE_Encode(HCOSE msg, byte* rgb, size_t ib, size_t cb);
-cn_cbor * COSE_get_cbor(HCOSE hmsg);
+cn_cbor* COSE_get_cbor(HCOSE hmsg);
// Functions for the signing object
-
-
typedef enum {
COSE_PROTECT_ONLY = 1,
COSE_UNPROTECT_ONLY = 2,
@@ -133,16 +135,16 @@
COSE_Algorithm_Direct = -6,
- COSE_Algorithm_EdDSA = - 8,
+ COSE_Algorithm_EdDSA = -8,
COSE_Algorithm_Direct_HKDF_HMAC_SHA_256 = -10,
COSE_Algorithm_Direct_HKDF_HMAC_SHA_512 = -11,
COSE_Algorithm_Direct_HKDF_AES_128 = -12,
COSE_Algorithm_Direct_HKDF_AES_256 = -13,
-// COSE_Algorithm_PS256 = -8,
-// COSE_Algorithm_PS384 = -37,
-// COSE_Algorithm_PS512 = -38,
+ // COSE_Algorithm_PS256 = -8,
+ // COSE_Algorithm_PS384 = -37,
+ // COSE_Algorithm_PS512 = -38,
COSE_Algorithm_ECDSA_SHA_256 = -7,
COSE_Algorithm_ECDSA_SHA_384 = -35,
@@ -186,7 +188,7 @@
COSE_Key_Type = 1,
COSE_Key_ID = 2,
COSE_Parameter_KID = 4,
- COSE_Key_EC2_Curve=-1,
+ COSE_Key_EC2_Curve = -1,
COSE_Key_EC2_X = -2,
COSE_Key_EC2_Y = -3,
COSE_Key_OPK_Curve = -1,
@@ -207,132 +209,293 @@
* messages dealing with the Enveloped message type
*/
-HCOSE_ENVELOPED COSE_Enveloped_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_ENVELOPED COSE_Enveloped_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
bool COSE_Enveloped_Free(HCOSE_ENVELOPED cose);
-cn_cbor * COSE_Enveloped_map_get_int(HCOSE_ENVELOPED cose, int key, int flags, cose_errback * errp);
-cn_cbor * COSE_Enveloped_map_get_string(HCOSE_ENVELOPED cose, const char * key, int flags, cose_errback * errp);
-bool COSE_Enveloped_map_put_int(HCOSE_ENVELOPED cose, int key, cn_cbor * value, int flags, cose_errback * errp);
-bool COSE_Enveloped_map_put_string(HCOSE_ENVELOPED cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+cn_cbor* COSE_Enveloped_map_get_int(HCOSE_ENVELOPED cose,
+ int key,
+ int flags,
+ cose_errback* errp);
+cn_cbor* COSE_Enveloped_map_get_string(HCOSE_ENVELOPED cose,
+ const char* key,
+ int flags,
+ cose_errback* errp);
+bool COSE_Enveloped_map_put_int(HCOSE_ENVELOPED cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
+bool COSE_Enveloped_map_put_string(HCOSE_ENVELOPED cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
+bool COSE_Enveloped_SetContent(HCOSE_ENVELOPED cose,
+ const byte* rgbContent,
+ size_t cbContent,
+ cose_errback* errp);
+byte* COSE_Enveloped_GetContent(HCOSE_ENVELOPED cose,
+ size_t* pcbContent,
+ cose_errback* errp);
+bool COSE_Enveloped_SetExternal(HCOSE_ENVELOPED hcose,
+ const byte* pbExternalData,
+ size_t cbExternalData,
+ cose_errback* perr);
-bool COSE_Enveloped_SetContent(HCOSE_ENVELOPED cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
-byte * COSE_Enveloped_GetContent(HCOSE_ENVELOPED cose, size_t * pcbContent, cose_errback * errp);
-bool COSE_Enveloped_SetExternal(HCOSE_ENVELOPED hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
+bool COSE_Enveloped_encrypt(HCOSE_ENVELOPED cose, cose_errback* perror);
+bool COSE_Enveloped_decrypt(HCOSE_ENVELOPED,
+ HCOSE_RECIPIENT,
+ cose_errback* perr);
-bool COSE_Enveloped_encrypt(HCOSE_ENVELOPED cose, cose_errback * perror);
-bool COSE_Enveloped_decrypt(HCOSE_ENVELOPED, HCOSE_RECIPIENT, cose_errback * perr);
+bool COSE_Enveloped_AddRecipient(HCOSE_ENVELOPED hMac,
+ HCOSE_RECIPIENT hRecip,
+ cose_errback* perr);
+HCOSE_RECIPIENT COSE_Enveloped_GetRecipient(HCOSE_ENVELOPED cose,
+ int iRecipient,
+ cose_errback* perr);
-bool COSE_Enveloped_AddRecipient(HCOSE_ENVELOPED hMac, HCOSE_RECIPIENT hRecip, cose_errback * perr);
-HCOSE_RECIPIENT COSE_Enveloped_GetRecipient(HCOSE_ENVELOPED cose, int iRecipient, cose_errback * perr);
-
-bool COSE_Enveloped_AddCounterSigner(HCOSE_ENCRYPT hEnv, HCOSE_COUNTERSIGN hSign, cose_errback * perr);
-HCOSE_COUNTERSIGN COSE_Enveloped_GetCounterSigner(HCOSE_ENCRYPT, int iSigner, cose_errback * perr);
+bool COSE_Enveloped_AddCounterSigner(HCOSE_ENCRYPT hEnv,
+ HCOSE_COUNTERSIGN hSign,
+ cose_errback* perr);
+HCOSE_COUNTERSIGN COSE_Enveloped_GetCounterSigner(HCOSE_ENCRYPT,
+ int iSigner,
+ cose_errback* perr);
/*
*/
-HCOSE_RECIPIENT COSE_Recipient_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perror);
+HCOSE_RECIPIENT COSE_Recipient_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback* perror);
bool COSE_Recipient_Free(HCOSE_RECIPIENT cose);
-HCOSE_RECIPIENT COSE_Recipient_from_shared_secret(byte * rgbKey, int cbKey, byte * rgbKid, int cbKid, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_RECIPIENT COSE_Recipient_from_shared_secret(byte* rgbKey,
+ int cbKey,
+ byte* rgbKid,
+ int cbKid,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
-bool COSE_Recipient_SetKey_secret(HCOSE_RECIPIENT h, const byte * rgb, int cb, const byte * rgbKid, int cbKid, cose_errback * perr);
-bool COSE_Recipient_SetKey(HCOSE_RECIPIENT h, const cn_cbor * pKey, cose_errback * perror);
-bool COSE_Recipient_SetSenderKey(HCOSE_RECIPIENT h, const cn_cbor * pKey, int destination, cose_errback * perror);
-bool COSE_Recipient_SetExternal(HCOSE_RECIPIENT hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
+bool COSE_Recipient_SetKey_secret(HCOSE_RECIPIENT h,
+ const byte* rgb,
+ int cb,
+ const byte* rgbKid,
+ int cbKid,
+ cose_errback* perr);
+bool COSE_Recipient_SetKey(HCOSE_RECIPIENT h,
+ const cn_cbor* pKey,
+ cose_errback* perror);
+bool COSE_Recipient_SetSenderKey(HCOSE_RECIPIENT h,
+ const cn_cbor* pKey,
+ int destination,
+ cose_errback* perror);
+bool COSE_Recipient_SetExternal(HCOSE_RECIPIENT hcose,
+ const byte* pbExternalData,
+ size_t cbExternalData,
+ cose_errback* perr);
-bool COSE_Recipient_map_put_int(HCOSE_RECIPIENT h, int key, cn_cbor * value, int flags, cose_errback * perror);
-cn_cbor * COSE_Recipient_map_get_string(HCOSE_RECIPIENT cose, const char * key, int flags, cose_errback * errp);
-cn_cbor * COSE_Recipient_map_get_int(HCOSE_RECIPIENT cose, int key, int flags, cose_errback * errp);
+bool COSE_Recipient_map_put_int(HCOSE_RECIPIENT h,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* perror);
+cn_cbor* COSE_Recipient_map_get_string(HCOSE_RECIPIENT cose,
+ const char* key,
+ int flags,
+ cose_errback* errp);
+cn_cbor* COSE_Recipient_map_get_int(HCOSE_RECIPIENT cose,
+ int key,
+ int flags,
+ cose_errback* errp);
-bool COSE_Recipient_AddRecipient(HCOSE_RECIPIENT hMac, HCOSE_RECIPIENT hRecip, cose_errback * perr);
-HCOSE_RECIPIENT COSE_Recipient_GetRecipient(HCOSE_RECIPIENT cose, int iRecipient, cose_errback * perr);
-
+bool COSE_Recipient_AddRecipient(HCOSE_RECIPIENT hMac,
+ HCOSE_RECIPIENT hRecip,
+ cose_errback* perr);
+HCOSE_RECIPIENT COSE_Recipient_GetRecipient(HCOSE_RECIPIENT cose,
+ int iRecipient,
+ cose_errback* perr);
/*
* Encrypt message API
*/
-HCOSE_ENCRYPT COSE_Encrypt_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_ENCRYPT COSE_Encrypt_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
bool COSE_Encrypt_Free(HCOSE_ENCRYPT cose);
-cn_cbor * COSE_Encrypt_map_get_int(HCOSE_ENCRYPT cose, int key, int flags, cose_errback * errp);
-cn_cbor * COSE_Encrypt_map_get_string(HCOSE_ENCRYPT cose, const char * key, int flags, cose_errback * errp);
-bool COSE_Encrypt_map_put_int(HCOSE_ENCRYPT cose, int key, cn_cbor * value, int flags, cose_errback * errp);
-bool COSE_Encrypt_map_put_string(HCOSE_ENCRYPT cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+cn_cbor* COSE_Encrypt_map_get_int(HCOSE_ENCRYPT cose,
+ int key,
+ int flags,
+ cose_errback* errp);
+cn_cbor* COSE_Encrypt_map_get_string(HCOSE_ENCRYPT cose,
+ const char* key,
+ int flags,
+ cose_errback* errp);
+bool COSE_Encrypt_map_put_int(HCOSE_ENCRYPT cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
+bool COSE_Encrypt_map_put_string(HCOSE_ENCRYPT cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
+bool COSE_Encrypt_SetContent(HCOSE_ENCRYPT cose,
+ const byte* rgbContent,
+ size_t cbContent,
+ cose_errback* errp);
+const byte* COSE_Encrypt_GetContent(HCOSE_ENCRYPT cose,
+ size_t* pcbContent,
+ cose_errback* errp);
+bool COSE_Encrypt_SetExternal(HCOSE_ENCRYPT hcose,
+ const byte* pbExternalData,
+ size_t cbExternalData,
+ cose_errback* perr);
-bool COSE_Encrypt_SetContent(HCOSE_ENCRYPT cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
-const byte * COSE_Encrypt_GetContent(HCOSE_ENCRYPT cose, size_t * pcbContent, cose_errback * errp);
-bool COSE_Encrypt_SetExternal(HCOSE_ENCRYPT hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
+bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT cose,
+ const byte* pbKey,
+ size_t cbKey,
+ cose_errback* perror);
+bool COSE_Encrypt_decrypt(HCOSE_ENCRYPT,
+ const byte* pbKey,
+ size_t cbKey,
+ cose_errback* perr);
-bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT cose, const byte * pbKey, size_t cbKey, cose_errback * perror);
-bool COSE_Encrypt_decrypt(HCOSE_ENCRYPT, const byte * pbKey, size_t cbKey, cose_errback * perr);
-
-HCOSE_ENCRYPT COSE_Encrypt_Init_From_Object(cn_cbor * cbor, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_ENCRYPT COSE_Encrypt_Init_From_Object(cn_cbor* cbor,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
//
//
-HCOSE_MAC COSE_Mac_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_MAC COSE_Mac_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
bool COSE_Mac_Free(HCOSE_MAC cose);
-bool COSE_Mac_SetContent(HCOSE_MAC cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
-bool COSE_Mac_SetExternal(HCOSE_MAC hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
+bool COSE_Mac_SetContent(HCOSE_MAC cose,
+ const byte* rgbContent,
+ size_t cbContent,
+ cose_errback* errp);
+bool COSE_Mac_SetExternal(HCOSE_MAC hcose,
+ const byte* pbExternalData,
+ size_t cbExternalData,
+ cose_errback* perr);
-cn_cbor * COSE_Mac_map_get_int(HCOSE_MAC h, int key, int flags, cose_errback * perror);
-bool COSE_Mac_map_put_int(HCOSE_MAC cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+cn_cbor* COSE_Mac_map_get_int(HCOSE_MAC h,
+ int key,
+ int flags,
+ cose_errback* perror);
+bool COSE_Mac_map_put_int(HCOSE_MAC cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
-bool COSE_Mac_encrypt(HCOSE_MAC cose, cose_errback * perror);
-bool COSE_Mac_validate(HCOSE_MAC, HCOSE_RECIPIENT, cose_errback * perr);
+bool COSE_Mac_encrypt(HCOSE_MAC cose, cose_errback* perror);
+bool COSE_Mac_validate(HCOSE_MAC, HCOSE_RECIPIENT, cose_errback* perr);
-bool COSE_Mac_AddRecipient(HCOSE_MAC hMac, HCOSE_RECIPIENT hRecip, cose_errback * perr);
-HCOSE_RECIPIENT COSE_Mac_GetRecipient(HCOSE_MAC cose, int iRecipient, cose_errback * perr);
+bool COSE_Mac_AddRecipient(HCOSE_MAC hMac,
+ HCOSE_RECIPIENT hRecip,
+ cose_errback* perr);
+HCOSE_RECIPIENT COSE_Mac_GetRecipient(HCOSE_MAC cose,
+ int iRecipient,
+ cose_errback* perr);
// MAC0 calls
-HCOSE_MAC0 COSE_Mac0_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_MAC0 COSE_Mac0_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
bool COSE_Mac0_Free(HCOSE_MAC0 cose);
-bool COSE_Mac0_SetContent(HCOSE_MAC0 cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
-bool COSE_Mac0_SetExternal(HCOSE_MAC0 hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
+bool COSE_Mac0_SetContent(HCOSE_MAC0 cose,
+ const byte* rgbContent,
+ size_t cbContent,
+ cose_errback* errp);
+bool COSE_Mac0_SetExternal(HCOSE_MAC0 hcose,
+ const byte* pbExternalData,
+ size_t cbExternalData,
+ cose_errback* perr);
-cn_cbor * COSE_Mac0_map_get_int(HCOSE_MAC0 h, int key, int flags, cose_errback * perror);
-bool COSE_Mac0_map_put_int(HCOSE_MAC0 cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+cn_cbor* COSE_Mac0_map_get_int(HCOSE_MAC0 h,
+ int key,
+ int flags,
+ cose_errback* perror);
+bool COSE_Mac0_map_put_int(HCOSE_MAC0 cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
-bool COSE_Mac0_encrypt(HCOSE_MAC0 cose, const byte * pbKey, size_t cbKey, cose_errback * perror);
-bool COSE_Mac0_validate(HCOSE_MAC0, const byte * pbKey, size_t cbKey, cose_errback * perr);
+bool COSE_Mac0_encrypt(HCOSE_MAC0 cose,
+ const byte* pbKey,
+ size_t cbKey,
+ cose_errback* perror);
+bool COSE_Mac0_validate(HCOSE_MAC0,
+ const byte* pbKey,
+ size_t cbKey,
+ cose_errback* perr);
//
//
-HCOSE_SIGN COSE_Sign_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_SIGN COSE_Sign_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
bool COSE_Sign_Free(HCOSE_SIGN cose);
-bool COSE_Sign_SetContent(HCOSE_SIGN cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
+bool COSE_Sign_SetContent(HCOSE_SIGN cose,
+ const byte* rgbContent,
+ size_t cbContent,
+ cose_errback* errp);
-HCOSE_SIGNER COSE_Sign_add_signer(HCOSE_SIGN cose, const cn_cbor * pkey, int algId, cose_errback * perr);
-bool COSE_Sign_AddSigner(HCOSE_SIGN hSign, HCOSE_SIGNER hSigner, cose_errback * perr);
-bool COSE_Sign_Sign(HCOSE_SIGN h, cose_errback * perr);
-HCOSE_SIGNER COSE_Sign_GetSigner(HCOSE_SIGN cose, int iSigner, cose_errback * perr);
-bool COSE_Sign_validate(HCOSE_SIGN hSign, HCOSE_SIGNER hSigner, cose_errback * perr);
-cn_cbor * COSE_Sign_map_get_int(HCOSE_SIGN h, int key, int flags, cose_errback * perror);
-bool COSE_Sign_map_put_int(HCOSE_SIGN cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+HCOSE_SIGNER COSE_Sign_add_signer(HCOSE_SIGN cose,
+ const cn_cbor* pkey,
+ int algId,
+ cose_errback* perr);
+bool COSE_Sign_AddSigner(HCOSE_SIGN hSign,
+ HCOSE_SIGNER hSigner,
+ cose_errback* perr);
+bool COSE_Sign_Sign(HCOSE_SIGN h, cose_errback* perr);
+HCOSE_SIGNER COSE_Sign_GetSigner(HCOSE_SIGN cose,
+ int iSigner,
+ cose_errback* perr);
+bool COSE_Sign_validate(HCOSE_SIGN hSign,
+ HCOSE_SIGNER hSigner,
+ cose_errback* perr);
+cn_cbor* COSE_Sign_map_get_int(HCOSE_SIGN h,
+ int key,
+ int flags,
+ cose_errback* perror);
+bool COSE_Sign_map_put_int(HCOSE_SIGN cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
-
-HCOSE_SIGNER COSE_Signer_Init(CBOR_CONTEXT_COMMA cose_errback * perror);
+HCOSE_SIGNER COSE_Signer_Init(CBOR_CONTEXT_COMMA cose_errback* perror);
bool COSE_Signer_Free(HCOSE_SIGNER cose);
-bool COSE_Signer_SetKey(HCOSE_SIGNER hSigner, const cn_cbor * pkey, cose_errback * perr);
-cn_cbor * COSE_Signer_map_get_int(HCOSE_SIGNER h, int key, int flags, cose_errback * perr);
-bool COSE_Signer_map_put_int(HCOSE_SIGNER cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+bool COSE_Signer_SetKey(HCOSE_SIGNER hSigner,
+ const cn_cbor* pkey,
+ cose_errback* perr);
+cn_cbor* COSE_Signer_map_get_int(HCOSE_SIGNER h,
+ int key,
+ int flags,
+ cose_errback* perr);
+bool COSE_Signer_map_put_int(HCOSE_SIGNER cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
-bool COSE_Signer_SetExternal(HCOSE_SIGNER hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
+bool COSE_Signer_SetExternal(HCOSE_SIGNER hcose,
+ const byte* pbExternalData,
+ size_t cbExternalData,
+ cose_errback* perr);
/*
* Sign routines
*/
-/* allow use of the old names */
+/* allow use of the old names */
#define COSE_Sign0_Init COSE_Sign1_Init
#define COSE_Sign0_Free COSE_Sign1_Free
@@ -344,37 +507,63 @@
#define COSE_Sign0_map_get_int COSE_Sign1_map_get_int
#define COSE_Sign0_map_put_int COSE_Sign1_map_put_int
-
-HCOSE_SIGN1 COSE_Sign1_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_SIGN1 COSE_Sign1_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
bool COSE_Sign1_Free(HCOSE_SIGN1 cose);
-bool COSE_Sign1_SetContent(HCOSE_SIGN1 cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
-bool COSE_Sign1_SetExternal(HCOSE_SIGN1 hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
+bool COSE_Sign1_SetContent(HCOSE_SIGN1 cose,
+ const byte* rgbContent,
+ size_t cbContent,
+ cose_errback* errp);
+bool COSE_Sign1_SetExternal(HCOSE_SIGN1 hcose,
+ const byte* pbExternalData,
+ size_t cbExternalData,
+ cose_errback* perr);
-bool COSE_Sign1_Sign(HCOSE_SIGN1 h, const cn_cbor * pkey, cose_errback * perr);
-bool COSE_Sign1_validate(HCOSE_SIGN1 hSign, const cn_cbor * pkey, cose_errback * perr);
-cn_cbor * COSE_Sign1_map_get_int(HCOSE_SIGN1 h, int key, int flags, cose_errback * perror);
-bool COSE_Sign1_map_put_int(HCOSE_SIGN1 cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+bool COSE_Sign1_Sign(HCOSE_SIGN1 h, const cn_cbor* pkey, cose_errback* perr);
+bool COSE_Sign1_validate(HCOSE_SIGN1 hSign,
+ const cn_cbor* pkey,
+ cose_errback* perr);
+cn_cbor* COSE_Sign1_map_get_int(HCOSE_SIGN1 h,
+ int key,
+ int flags,
+ cose_errback* perror);
+bool COSE_Sign1_map_put_int(HCOSE_SIGN1 cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
/*
* Counter Signature Routines
*/
-HCOSE_COUNTERSIGN COSE_CounterSign_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_COUNTERSIGN COSE_CounterSign_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
bool COSE_CounterSign_Free(HCOSE_COUNTERSIGN cose);
-cn_cbor * COSE_CounterSign_map_get_int(HCOSE_COUNTERSIGN h, int key, int flags, cose_errback * perror);
-bool COSE_CounterSign_map_put_int(HCOSE_COUNTERSIGN cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+cn_cbor* COSE_CounterSign_map_get_int(HCOSE_COUNTERSIGN h,
+ int key,
+ int flags,
+ cose_errback* perror);
+bool COSE_CounterSign_map_put_int(HCOSE_COUNTERSIGN cose,
+ int key,
+ cn_cbor* value,
+ int flags,
+ cose_errback* errp);
/*
-*/
+ */
-cn_cbor * cn_cbor_clone(const cn_cbor * pIn, CBOR_CONTEXT_COMMA cn_cbor_errback * perr);
-cn_cbor * cn_cbor_tag_create(int tag, cn_cbor * child, CBOR_CONTEXT_COMMA cn_cbor_errback * perr);
-cn_cbor * cn_cbor_bool_create(int boolValue, CBOR_CONTEXT_COMMA cn_cbor_errback * errp);
-cn_cbor * cn_cbor_null_create(CBOR_CONTEXT_COMMA cn_cbor_errback * errp);
+cn_cbor* cn_cbor_clone(const cn_cbor* pIn,
+ CBOR_CONTEXT_COMMA cn_cbor_errback* perr);
+cn_cbor* cn_cbor_tag_create(int tag,
+ cn_cbor* child,
+ CBOR_CONTEXT_COMMA cn_cbor_errback* perr);
+cn_cbor* cn_cbor_bool_create(int boolValue,
+ CBOR_CONTEXT_COMMA cn_cbor_errback* errp);
+cn_cbor* cn_cbor_null_create(CBOR_CONTEXT_COMMA cn_cbor_errback* errp);
#ifdef __cplusplus
}
#endif
-
diff --git a/include/cose/cose_configure.h b/include/cose/cose_configure.h
index dfabc96..7a1ce44 100644
--- a/include/cose/cose_configure.h
+++ b/include/cose/cose_configure.h
@@ -25,7 +25,8 @@
#define USE_AES_GCM_192
#define USE_AES_GCM_256
-#if defined(USE_AES_GCM_128) || defined(USE_AES_GCM_192) || defined(USE_AES_GCM_256)
+#if defined(USE_AES_GCM_128) || defined(USE_AES_GCM_192) || \
+ defined(USE_AES_GCM_256)
#define USE_AES_GCM
#endif
@@ -52,7 +53,8 @@
#define USE_HMAC_256_256
#define USE_HMAC_384_384
#define USE_HMAC_512_512
-#if defined(USE_HMAC_256_64) || defined(USE_HMAC_256_256) || defined(USE_HMAC_384_384) || defined(USE_HMAC_512_512)
+#if defined(USE_HMAC_256_64) || defined(USE_HMAC_256_256) || \
+ defined(USE_HMAC_384_384) || defined(USE_HMAC_512_512)
#define USE_HMAC
#endif
@@ -67,7 +69,7 @@
#define USE_AES_CBC_MAC_256_64
#define USE_AES_CBC_MAC_256_128
-#endif // !defined(USE_MBED_TLS)
+#endif // !defined(USE_MBED_TLS)
//
// Define which ECDH algorithms are to be used
@@ -78,11 +80,12 @@
#define USE_ECDH_ES_HKDF_512
#define USE_ECDH_SS_HKDF_256
#define USE_ECDH_SS_HKDF_512
-#if defined(USE_ECDH_ES_HKDF_256) || defined(USE_ECDH_ES_HKDF_512) || defined(USE_ECDH_SS_HKDF_256) || defined(USE_ECDH_SS_HKDF_512)
+#if defined(USE_ECDH_ES_HKDF_256) || defined(USE_ECDH_ES_HKDF_512) || \
+ defined(USE_ECDH_SS_HKDF_256) || defined(USE_ECDH_SS_HKDF_512)
#define USE_ECDH 1
#define USE_HKDF_SHA2 1
#endif
-#endif // !defined(USE_MBED_TLS)
+#endif // !defined(USE_MBED_TLS)
#if !defined(USE_MBED_TLS)
#define USE_ECDH_ES_A128KW
@@ -91,11 +94,13 @@
#define USE_ECDH_SS_A128KW
#define USE_ECDH_SS_A192KW
#define USE_ECDH_SS_A256KW
-#if defined(USE_ECDH_ES_A128KW) || defined(USE_ECDH_ES_A192KW) || defined(USE_ECDH_ES_A256KW) || defined(USE_ECDH_SS_A128KW) || defined(USE_ECDH_SS_A192KW) || defined(USE_ECDH_SS_A256KW)
+#if defined(USE_ECDH_ES_A128KW) || defined(USE_ECDH_ES_A192KW) || \
+ defined(USE_ECDH_ES_A256KW) || defined(USE_ECDH_SS_A128KW) || \
+ defined(USE_ECDH_SS_A192KW) || defined(USE_ECDH_SS_A256KW)
#define USE_ECDH 1
#define USE_HKDF_AES 1
#endif
-#endif // !defined(USE_MBED_TLS)
+#endif // !defined(USE_MBED_TLS)
//
// Define which Key Wrap functions are to be used
@@ -105,7 +110,7 @@
#define USE_AES_KW_128
#define USE_AES_KW_192
#define USE_AES_KW_256
-#endif // !defined(USE_MBED_TLS)
+#endif // !defined(USE_MBED_TLS)
//
// Define which of the DIRECT + KDF algorithms are to be used
@@ -116,14 +121,14 @@
#define USE_Direct_HKDF_HMAC_SHA_512
#define USE_Direct_HKDF_AES_128
#define USE_Direct_HKDF_AES_256
-#if defined(USE_Direct_HKDF_HMAC_SHA_256) || defined(USE_Direct_HKDF_HMAC_SHA_512)
+#if defined(USE_Direct_HKDF_HMAC_SHA_256) || \
+ defined(USE_Direct_HKDF_HMAC_SHA_512)
#define USE_HKDF_SHA2 1
#endif
#if defined(USE_Direct_HKDF_AES_128) || defined(USE_Direct_KDF_AES_256)
#define USE_HKDF_AES 1
#endif
-#endif // !defined(USE_MBED_TLS)
-
+#endif // !defined(USE_MBED_TLS)
//
// Define which of the signature algorithms are to be used
@@ -141,8 +146,7 @@
#pragma message("OPENSSL VERSION IS ")
#pragma message(OPENSSL_VERISON_NUMBER)
#endif
-#endif // !defined (USE_MBED_TLS)
-
+#endif // !defined (USE_MBED_TLS)
//#define USE_COUNTER_SIGNATURES
diff --git a/src/Cose.c b/src/Cose.c
index d8c0039..28e0469 100644
--- a/src/Cose.c
+++ b/src/Cose.c
@@ -10,45 +10,59 @@
bool IsValidCOSEHandle(HCOSE h)
{
- COSE_Encrypt * p = (COSE_Encrypt *)h;
- if (p == NULL) return false;
+ COSE_Encrypt *p = (COSE_Encrypt *)h;
+ if (p == NULL)
+ return false;
return true;
}
-
-bool _COSE_Init(COSE_INIT_FLAGS flags, COSE* pobj, int msgType, CBOR_CONTEXT_COMMA cose_errback * perr)
+bool _COSE_Init(COSE_INIT_FLAGS flags,
+ COSE *pobj,
+ int msgType,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- cn_cbor_errback errState;;
+ cn_cbor_errback errState;
+ ;
#ifdef USE_CBOR_CONTEXT
- if (context != NULL) pobj->m_allocContext = *context;
+ if (context != NULL)
+ pobj->m_allocContext = *context;
#endif
- CHECK_CONDITION((flags & ~(COSE_INIT_FLAGS_DETACHED_CONTENT | COSE_INIT_FLAGS_NO_CBOR_TAG)) == 0, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((flags & ~(COSE_INIT_FLAGS_DETACHED_CONTENT |
+ COSE_INIT_FLAGS_NO_CBOR_TAG)) == 0,
+ COSE_ERR_INVALID_PARAMETER);
pobj->m_flags = flags;
- pobj->m_protectedMap = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA &errState);
+ pobj->m_protectedMap =
+ cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & errState);
CHECK_CONDITION_CBOR(pobj->m_protectedMap != NULL, errState);
- pobj->m_dontSendMap = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA &errState);
+ pobj->m_dontSendMap =
+ cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & errState);
CHECK_CONDITION_CBOR(pobj->m_dontSendMap != NULL, errState);
- pobj->m_cborRoot = pobj->m_cbor = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &errState);
+ pobj->m_cborRoot = pobj->m_cbor =
+ cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & errState);
CHECK_CONDITION_CBOR(pobj->m_cbor != NULL, errState);
pobj->m_ownMsg = 1;
pobj->m_msgType = msgType;
- pobj->m_unprotectMap = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA &errState);
+ pobj->m_unprotectMap =
+ cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & errState);
CHECK_CONDITION_CBOR(pobj->m_unprotectMap != NULL, errState);
- CHECK_CONDITION_CBOR(_COSE_array_replace(pobj, pobj->m_unprotectMap, INDEX_UNPROTECTED, CBOR_CONTEXT_PARAM_COMMA &errState), errState);
+ CHECK_CONDITION_CBOR(
+ _COSE_array_replace(pobj, pobj->m_unprotectMap, INDEX_UNPROTECTED,
+ CBOR_CONTEXT_PARAM_COMMA & errState),
+ errState);
pobj->m_ownUnprotectedMap = false;
-
if (!(flags & COSE_INIT_FLAGS_NO_CBOR_TAG)) {
cn_cbor_errback cbor_error;
- cn_cbor * cn = cn_cbor_tag_create(msgType, pobj->m_cborRoot, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cn_cbor *cn = cn_cbor_tag_create(
+ msgType, pobj->m_cborRoot, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
pobj->m_cborRoot = cn;
}
@@ -61,14 +75,17 @@
return false;
}
-bool _COSE_Init_From_Object(COSE* pobj, cn_cbor * pcbor, CBOR_CONTEXT_COMMA cose_errback * perr)
+bool _COSE_Init_From_Object(COSE *pobj,
+ cn_cbor *pcbor,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- const cn_cbor * pmap = NULL;
- cn_cbor_errback errState; // = { 0 };
+ const cn_cbor *pmap = NULL;
+ cn_cbor_errback errState; // = { 0 };
cn_cbor_errback cbor_error;
#ifdef USE_CBOR_CONTEXT
- if (context != NULL) pobj->m_allocContext = *context;
+ if (context != NULL)
+ pobj->m_allocContext = *context;
#endif
pobj->m_cborRoot = pcbor;
pobj->m_cbor = pcbor;
@@ -82,23 +99,29 @@
CHECK_CONDITION(pmap != NULL, COSE_ERR_INVALID_PARAMETER);
if (pmap != NULL) {
- CHECK_CONDITION(pmap->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ pmap->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
if (pmap->length == 0) {
- pobj->m_protectedMap = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA NULL);
+ pobj->m_protectedMap =
+ cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(pobj->m_protectedMap, COSE_ERR_OUT_OF_MEMORY);
- }
- else {
- pobj->m_protectedMap = cn_cbor_decode((const byte *)pmap->v.str, pmap->length, CBOR_CONTEXT_PARAM_COMMA &errState);
- CHECK_CONDITION(pobj->m_protectedMap != NULL, COSE_ERR_INVALID_PARAMETER);
+ } else {
+ pobj->m_protectedMap = cn_cbor_decode((const byte *)pmap->v.str,
+ pmap->length, CBOR_CONTEXT_PARAM_COMMA & errState);
+ CHECK_CONDITION(
+ pobj->m_protectedMap != NULL, COSE_ERR_INVALID_PARAMETER);
}
}
pobj->m_unprotectMap = _COSE_arrayget_int(pobj, INDEX_UNPROTECTED);
- CHECK_CONDITION((pobj->m_unprotectMap != NULL) && (pobj->m_unprotectMap->type == CN_CBOR_MAP), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((pobj->m_unprotectMap != NULL) &&
+ (pobj->m_unprotectMap->type == CN_CBOR_MAP),
+ COSE_ERR_INVALID_PARAMETER);
pobj->m_ownUnprotectedMap = false;
- pobj->m_dontSendMap = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pobj->m_dontSendMap =
+ cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pobj->m_dontSendMap != NULL, cbor_error);
pobj->m_ownMsg = true;
@@ -110,116 +133,132 @@
return false;
}
-void _COSE_Release(COSE * pobj)
+void _COSE_Release(COSE *pobj)
{
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pobj->m_allocContext;
+ cn_cbor_context *context = &pobj->m_allocContext;
#endif
- if (pobj->m_protectedMap != NULL) CN_CBOR_FREE(pobj->m_protectedMap, context);
- if (pobj->m_ownUnprotectedMap && (pobj->m_unprotectMap != NULL)) CN_CBOR_FREE(pobj->m_unprotectMap, context);
- if (pobj->m_dontSendMap != NULL) CN_CBOR_FREE(pobj->m_dontSendMap, context);
- if (pobj->m_ownMsg && (pobj->m_cborRoot != NULL) && (pobj->m_cborRoot->parent == NULL)) CN_CBOR_FREE(pobj->m_cborRoot, context);
+ if (pobj->m_protectedMap != NULL)
+ CN_CBOR_FREE(pobj->m_protectedMap, context);
+ if (pobj->m_ownUnprotectedMap && (pobj->m_unprotectMap != NULL))
+ CN_CBOR_FREE(pobj->m_unprotectMap, context);
+ if (pobj->m_dontSendMap != NULL)
+ CN_CBOR_FREE(pobj->m_dontSendMap, context);
+ if (pobj->m_ownMsg && (pobj->m_cborRoot != NULL) &&
+ (pobj->m_cborRoot->parent == NULL))
+ CN_CBOR_FREE(pobj->m_cborRoot, context);
}
-
-HCOSE COSE_Decode(const byte * rgbData, size_t cbData, int * ptype, COSE_object_type struct_type, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE COSE_Decode(const byte *rgbData,
+ size_t cbData,
+ int *ptype,
+ COSE_object_type struct_type,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- cn_cbor * cbor = NULL;
- cn_cbor * cborRoot = NULL;
+ cn_cbor *cbor = NULL;
+ cn_cbor *cborRoot = NULL;
cn_cbor_errback cbor_err;
HCOSE h;
- CHECK_CONDITION((rgbData != NULL) && (ptype != NULL), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ (rgbData != NULL) && (ptype != NULL), COSE_ERR_INVALID_PARAMETER);
- cbor = cborRoot = cn_cbor_decode(rgbData, cbData, CBOR_CONTEXT_PARAM_COMMA &cbor_err);
+ cbor = cborRoot =
+ cn_cbor_decode(rgbData, cbData, CBOR_CONTEXT_PARAM_COMMA & cbor_err);
CHECK_CONDITION_CBOR(cbor != NULL, cbor_err);
if (cbor->type == CN_CBOR_TAG) {
if (struct_type != 0) {
- CHECK_CONDITION(struct_type == (COSE_object_type) cbor->v.sint, COSE_ERR_INVALID_PARAMETER);
- }
- else struct_type = cbor->v.uint;
+ CHECK_CONDITION(struct_type == (COSE_object_type)cbor->v.sint,
+ COSE_ERR_INVALID_PARAMETER);
+ } else
+ struct_type = cbor->v.uint;
*ptype = struct_type;
cbor = cbor->first_child;
- }
- else {
+ } else {
*ptype = struct_type;
}
CHECK_CONDITION(cbor->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
switch (*ptype) {
- case COSE_enveloped_object:
+ case COSE_enveloped_object:
#if INCLUDE_ENCRYPT
- h = (HCOSE)_COSE_Enveloped_Init_From_Object(cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
- if (h == NULL) {
- goto errorReturn;
- }
+ h = (HCOSE)_COSE_Enveloped_Init_From_Object(
+ cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (h == NULL) {
+ goto errorReturn;
+ }
#else
- FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+ FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
#endif
- break;
+ break;
- case COSE_sign_object:
+ case COSE_sign_object:
#if INCLUDE_SIGN
- h = (HCOSE)_COSE_Sign_Init_From_Object(cborRoot, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
- if (h == NULL) {
- goto errorReturn;
- }
+ h = (HCOSE)_COSE_Sign_Init_From_Object(
+ cborRoot, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (h == NULL) {
+ goto errorReturn;
+ }
#else
- FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+ FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
#endif
- break;
+ break;
- case COSE_sign1_object:
+ case COSE_sign1_object:
#if INCLUDE_SIGN1
- h = (HCOSE)_COSE_Sign1_Init_From_Object(cborRoot, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
- if (h == NULL) {
- goto errorReturn;
- }
+ h = (HCOSE)_COSE_Sign1_Init_From_Object(
+ cborRoot, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (h == NULL) {
+ goto errorReturn;
+ }
#else
- FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+ FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
#endif
- break;
+ break;
- case COSE_mac_object:
+ case COSE_mac_object:
#if INCLUDE_MAC
- h = (HCOSE)_COSE_Mac_Init_From_Object(cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
- if (h == NULL) {
- goto errorReturn;
- }
+ h = (HCOSE)_COSE_Mac_Init_From_Object(
+ cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (h == NULL) {
+ goto errorReturn;
+ }
#else
- FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+ FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
#endif
- break;
+ break;
- case COSE_mac0_object:
+ case COSE_mac0_object:
#if INCLUDE_MAC0
- h = (HCOSE)_COSE_Mac0_Init_From_Object(cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
- if (h == NULL) {
- goto errorReturn;
- }
+ h = (HCOSE)_COSE_Mac0_Init_From_Object(
+ cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (h == NULL) {
+ goto errorReturn;
+ }
#else
- FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+ FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
#endif
- break;
+ break;
- case COSE_encrypt_object:
+ case COSE_encrypt_object:
#if INCLUDE_ENCRYPT0
- h = (HCOSE)_COSE_Encrypt_Init_From_Object(cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
- if (h == NULL) {
- goto errorReturn;
- }
+ h = (HCOSE)_COSE_Encrypt_Init_From_Object(
+ cbor, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (h == NULL) {
+ goto errorReturn;
+ }
#else
- FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
+ FAIL_CONDITION(COSE_ERR_UNSUPPORTED_COSE_TYPE);
#endif
- break;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
return h;
@@ -229,70 +268,86 @@
return NULL;
}
-
-size_t COSE_Encode(HCOSE msg, byte * rgb, size_t ib, size_t cb)
+size_t COSE_Encode(HCOSE msg, byte *rgb, size_t ib, size_t cb)
{
- if (rgb == NULL) return cn_cbor_encode_size(((COSE *)msg)->m_cbor) + ib;
- ssize_t size = cn_cbor_encoder_write(rgb, ib, cb, ((COSE*)msg)->m_cbor);
+ if (rgb == NULL)
+ return cn_cbor_encode_size(((COSE *)msg)->m_cbor) + ib;
+ ssize_t size = cn_cbor_encoder_write(rgb, ib, cb, ((COSE *)msg)->m_cbor);
return size >= 0 ? size : 0;
}
-
-cn_cbor * COSE_get_cbor(HCOSE h)
+cn_cbor *COSE_get_cbor(HCOSE h)
{
- COSE * msg = (COSE *)h;
- if (!IsValidCOSEHandle(h)) return NULL;
+ COSE *msg = (COSE *)h;
+ if (!IsValidCOSEHandle(h))
+ return NULL;
return msg->m_cbor;
}
-bool _COSE_SetExternal(COSE * pcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
+bool _COSE_SetExternal(COSE *pcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr)
{
- (void) perr;
+ (void)perr;
pcose->m_pbExternal = pbExternalData;
pcose->m_cbExternal = cbExternalData;
return true;
}
-
-cn_cbor * _COSE_map_get_int(COSE * pcose, int key, int flags, cose_errback * perror)
+cn_cbor *_COSE_map_get_int(COSE *pcose,
+ int key,
+ int flags,
+ cose_errback *perror)
{
- cn_cbor * p = NULL;
+ cn_cbor *p = NULL;
- if (perror != NULL) perror->err = COSE_ERR_NONE;
+ if (perror != NULL)
+ perror->err = COSE_ERR_NONE;
if ((pcose->m_protectedMap != NULL) && ((flags & COSE_PROTECT_ONLY) != 0)) {
p = cn_cbor_mapget_int(pcose->m_protectedMap, key);
- if (p != NULL) return p;
+ if (p != NULL)
+ return p;
}
- if ((pcose->m_unprotectMap != NULL) && ((flags & COSE_UNPROTECT_ONLY) != 0)) {
+ if ((pcose->m_unprotectMap != NULL) &&
+ ((flags & COSE_UNPROTECT_ONLY) != 0)) {
p = cn_cbor_mapget_int(pcose->m_unprotectMap, key);
- if (p != NULL) return p;
+ if (p != NULL)
+ return p;
}
if ((pcose->m_dontSendMap != NULL) && ((flags & COSE_DONT_SEND) != 0)) {
p = cn_cbor_mapget_int(pcose->m_dontSendMap, key);
}
- if ((p == NULL) && (perror != NULL)) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if ((p == NULL) && (perror != NULL))
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return p;
}
-cn_cbor * _COSE_map_get_str(COSE * pcose, const char * key, int flags, cose_errback * perror)
+cn_cbor *_COSE_map_get_str(COSE *pcose,
+ const char *key,
+ int flags,
+ cose_errback *perror)
{
- cn_cbor * p = NULL;
+ cn_cbor *p = NULL;
- if (perror != NULL) perror->err = COSE_ERR_NONE;
+ if (perror != NULL)
+ perror->err = COSE_ERR_NONE;
if ((pcose->m_protectedMap != NULL) && ((flags & COSE_PROTECT_ONLY) != 0)) {
p = cn_cbor_mapget_string(pcose->m_protectedMap, key);
- if (p != NULL) return p;
+ if (p != NULL)
+ return p;
}
- if ((pcose->m_unprotectMap != NULL) && ((flags & COSE_UNPROTECT_ONLY) != 0)) {
+ if ((pcose->m_unprotectMap != NULL) &&
+ ((flags & COSE_UNPROTECT_ONLY) != 0)) {
p = cn_cbor_mapget_string(pcose->m_unprotectMap, key);
}
@@ -303,35 +358,45 @@
return p;
}
-bool _COSE_map_put(COSE * pCose, int key, cn_cbor * value, int flags, cose_errback * perr)
+bool _COSE_map_put(COSE *pCose,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perr)
{
-#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pCose->m_allocContext;
+#ifdef USE_CBOR_CONTEXT
+ cn_cbor_context *context = &pCose->m_allocContext;
#endif
cn_cbor_errback error;
bool f = false;
CHECK_CONDITION(value != NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(cn_cbor_mapget_int(pCose->m_protectedMap, key) == NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(cn_cbor_mapget_int(pCose->m_unprotectMap, key) == NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(cn_cbor_mapget_int(pCose->m_dontSendMap, key) == NULL, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(cn_cbor_mapget_int(pCose->m_protectedMap, key) == NULL,
+ COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(cn_cbor_mapget_int(pCose->m_unprotectMap, key) == NULL,
+ COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(cn_cbor_mapget_int(pCose->m_dontSendMap, key) == NULL,
+ COSE_ERR_INVALID_PARAMETER);
switch (flags) {
- case COSE_PROTECT_ONLY:
- f = cn_cbor_mapput_int(pCose->m_protectedMap, key, value, CBOR_CONTEXT_PARAM_COMMA &error);
- break;
+ case COSE_PROTECT_ONLY:
+ f = cn_cbor_mapput_int(pCose->m_protectedMap, key, value,
+ CBOR_CONTEXT_PARAM_COMMA & error);
+ break;
- case COSE_UNPROTECT_ONLY:
- f = cn_cbor_mapput_int(pCose->m_unprotectMap, key, value, CBOR_CONTEXT_PARAM_COMMA &error);
- break;
+ case COSE_UNPROTECT_ONLY:
+ f = cn_cbor_mapput_int(pCose->m_unprotectMap, key, value,
+ CBOR_CONTEXT_PARAM_COMMA & error);
+ break;
- case COSE_DONT_SEND:
- f = cn_cbor_mapput_int(pCose->m_dontSendMap, key, value, CBOR_CONTEXT_PARAM_COMMA &error);
- break;
+ case COSE_DONT_SEND:
+ f = cn_cbor_mapput_int(pCose->m_dontSendMap, key, value,
+ CBOR_CONTEXT_PARAM_COMMA & error);
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
CHECK_CONDITION(f, _MapFromCBOR(error));
@@ -340,19 +405,20 @@
return f;
}
-cn_cbor * _COSE_encode_protected(COSE * pMessage, cose_errback * perr)
+cn_cbor *_COSE_encode_protected(COSE *pMessage, cose_errback *perr)
{
- cn_cbor * pProtected;
+ cn_cbor *pProtected;
int cbProtected;
- byte * pbProtected = NULL;
+ byte *pbProtected = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pMessage->m_allocContext;
-#endif // USE_CBOR_CONTEXT
+ cn_cbor_context *context = &pMessage->m_allocContext;
+#endif // USE_CBOR_CONTEXT
pProtected = cn_cbor_index(pMessage->m_cbor, INDEX_PROTECTED);
- if ((pProtected != NULL) &&(pProtected->type != CN_CBOR_INVALID)) {
+ if ((pProtected != NULL) && (pProtected->type != CN_CBOR_INVALID)) {
errorReturn:
- if (pbProtected != NULL) COSE_FREE(pbProtected, context);
+ if (pbProtected != NULL)
+ COSE_FREE(pbProtected, context);
return pProtected;
}
@@ -361,28 +427,35 @@
pbProtected = (byte *)COSE_CALLOC(cbProtected, 1, context);
CHECK_CONDITION(pbProtected != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(cn_cbor_encoder_write(pbProtected, 0, cbProtected, pMessage->m_protectedMap) == cbProtected, COSE_ERR_CBOR);
- }
- else {
+ CHECK_CONDITION(cn_cbor_encoder_write(pbProtected, 0, cbProtected,
+ pMessage->m_protectedMap) == cbProtected,
+ COSE_ERR_CBOR);
+ } else {
cbProtected = 0;
}
- pProtected = cn_cbor_data_create(pbProtected, cbProtected, CBOR_CONTEXT_PARAM_COMMA NULL);
+ pProtected = cn_cbor_data_create(
+ pbProtected, cbProtected, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(pProtected != NULL, COSE_ERR_OUT_OF_MEMORY);
pbProtected = NULL;
- CHECK_CONDITION(_COSE_array_replace(pMessage, pProtected, INDEX_PROTECTED, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(pMessage, pProtected, INDEX_PROTECTED,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
return pProtected;
}
#ifdef USE_COUNTER_SIGNATURES
-bool _COSE_CounterSign_add(COSE * pMessage, HCOSE_COUNTERSIGN hSigner, cose_errback * perr)
+bool _COSE_CounterSign_add(COSE *pMessage,
+ HCOSE_COUNTERSIGN hSigner,
+ cose_errback *perr)
{
- COSE_CounterSign * pSigner = (COSE_CounterSign *)hSigner;
+ COSE_CounterSign *pSigner = (COSE_CounterSign *)hSigner;
CHECK_CONDITION(IsValidCounterSignHandle(hSigner), COSE_ERR_INVALID_HANDLE);
- CHECK_CONDITION(pSigner->m_signer.m_signerNext == NULL, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ pSigner->m_signer.m_signerNext == NULL, COSE_ERR_INVALID_PARAMETER);
pSigner = pMessage->m_counterSigners;
pMessage->m_counterSigners = pSigner;
@@ -392,82 +465,100 @@
return false;
}
-HCOSE_COUNTERSIGN _COSE_CounterSign_get(COSE * pMessage, int iSigner, cose_errback * perr)
+HCOSE_COUNTERSIGN _COSE_CounterSign_get(COSE *pMessage,
+ int iSigner,
+ cose_errback *perr)
{
- COSE_CounterSign * pSigner = pMessage->m_counterSigners;
+ COSE_CounterSign *pSigner = pMessage->m_counterSigners;
int i;
for (i = 0; i < iSigner; i++, pSigner = pSigner->m_next) {
CHECK_CONDITION(pSigner != NULL, COSE_ERR_INVALID_PARAMETER);
}
- return (HCOSE_COUNTERSIGN) pSigner;
+ return (HCOSE_COUNTERSIGN)pSigner;
errorReturn:
return false;
}
-bool _COSE_CountSign_create(COSE * pMessage, cn_cbor * pcnBody, CBOR_CONTEXT_COMMA cose_errback * perr)
+bool _COSE_CountSign_create(COSE *pMessage,
+ cn_cbor *pcnBody,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- cn_cbor * pArray = NULL;
+ cn_cbor *pArray = NULL;
cn_cbor_errback cbor_err;
- COSE_CounterSign * pSigner = NULL;
- cn_cbor * pcnProtected = NULL;
- cn_cbor * pcn = NULL;
- cn_cbor * pcn2 = NULL;
+ COSE_CounterSign *pSigner = NULL;
+ cn_cbor *pcnProtected = NULL;
+ cn_cbor *pcn = NULL;
+ cn_cbor *pcn2 = NULL;
- if (pMessage->m_counterSigners == NULL) return true;
+ if (pMessage->m_counterSigners == NULL)
+ return true;
// One or more than one?
if (pMessage->m_counterSigners->m_signer.m_signerNext != NULL) {
- pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_err);
+ pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_err);
CHECK_CONDITION_CBOR(pArray != NULL, cbor_err);
}
pcnProtected = _COSE_arrayget_int(pMessage, INDEX_PROTECTED);
CHECK_CONDITION(pcnProtected != NULL, COSE_ERR_INTERNAL);
- for (pSigner = pMessage->m_counterSigners; pSigner != NULL; pSigner = pSigner->m_next) {
- CHECK_CONDITION(pSigner->m_signer.m_signerNext == NULL, COSE_ERR_INTERNAL);
+ for (pSigner = pMessage->m_counterSigners; pSigner != NULL;
+ pSigner = pSigner->m_next) {
+ CHECK_CONDITION(
+ pSigner->m_signer.m_signerNext == NULL, COSE_ERR_INTERNAL);
- pcn = cn_cbor_data_create(pcnProtected->v.bytes, pcnProtected->v.count, CBOR_CONTEXT_PARAM_COMMA &cbor_err);
+ pcn = cn_cbor_data_create(pcnProtected->v.bytes, pcnProtected->v.count,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_err);
CHECK_CONDITION_CBOR(pcnProtected != NULL, cbor_err);
- pcn2 = cn_cbor_clone(pcnBody, CBOR_CONTEXT_PARAM_COMMA &cbor_err);
+ pcn2 = cn_cbor_clone(pcnBody, CBOR_CONTEXT_PARAM_COMMA & cbor_err);
CHECK_CONDITION_CBOR(pcnBody != NULL, cbor_err);
- if (!_COSE_Signer_sign(&pSigner->m_signer, pcnBody, pcn2, perr)) goto errorReturn;
+ if (!_COSE_Signer_sign(&pSigner->m_signer, pcnBody, pcn2, perr))
+ goto errorReturn;
pcn = NULL;
pcn2 = NULL;
if (pArray != NULL) {
- bool f = cn_cbor_array_append(pArray, pSigner->m_signer.m_message.m_cborRoot, &cbor_err);
+ bool f = cn_cbor_array_append(
+ pArray, pSigner->m_signer.m_message.m_cborRoot, &cbor_err);
CHECK_CONDITION_CBOR(f, cbor_err);
- }
- else {
+ } else {
pArray = pSigner->m_signer.m_message.m_cborRoot;
}
}
- if (!_COSE_map_put(pMessage, COSE_Header_CounterSign, pArray, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!_COSE_map_put(pMessage, COSE_Header_CounterSign, pArray,
+ COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
return true;
errorReturn:
- if (pArray != NULL) CN_CBOR_FREE(pArray, context);
- if ((pcn != NULL) && (pcn->parent != NULL)) CN_CBOR_FREE(pcn, context);
- if ((pcn2 != NULL) && (pcn2->parent != NULL)) CN_CBOR_FREE(pcn2, context);
+ if (pArray != NULL)
+ CN_CBOR_FREE(pArray, context);
+ if ((pcn != NULL) && (pcn->parent != NULL))
+ CN_CBOR_FREE(pcn, context);
+ if ((pcn2 != NULL) && (pcn2->parent != NULL))
+ CN_CBOR_FREE(pcn2, context);
return false;
}
#endif
-bool _COSE_array_replace(COSE * pMessage, cn_cbor * cb_value, int index, CBOR_CONTEXT_COMMA cn_cbor_errback * errp)
+bool _COSE_array_replace(COSE *pMessage,
+ cn_cbor *cb_value,
+ int index,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *errp)
{
- return cn_cbor_array_replace(pMessage->m_cbor, cb_value, index, CBOR_CONTEXT_PARAM_COMMA errp);
+ return cn_cbor_array_replace(
+ pMessage->m_cbor, cb_value, index, CBOR_CONTEXT_PARAM_COMMA errp);
}
-cn_cbor * _COSE_arrayget_int(COSE * pMessage, int index)
+cn_cbor *_COSE_arrayget_int(COSE *pMessage, int index)
{
return cn_cbor_index(pMessage->m_cbor, index);
}
@@ -475,18 +566,18 @@
cose_error _MapFromCBOR(cn_cbor_errback err)
{
switch (err.err) {
- case CN_CBOR_ERR_INVALID_PARAMETER:
- return COSE_ERR_INVALID_PARAMETER;
+ case CN_CBOR_ERR_INVALID_PARAMETER:
+ return COSE_ERR_INVALID_PARAMETER;
- case CN_CBOR_ERR_OUT_OF_MEMORY:
- return COSE_ERR_OUT_OF_MEMORY;
+ case CN_CBOR_ERR_OUT_OF_MEMORY:
+ return COSE_ERR_OUT_OF_MEMORY;
- default:
- return COSE_ERR_CBOR;
+ default:
+ return COSE_ERR_CBOR;
}
}
-void _COSE_InsertInList(COSE ** root, COSE * newMsg)
+void _COSE_InsertInList(COSE **root, COSE *newMsg)
{
if (*root == NULL) {
*root = newMsg;
@@ -498,7 +589,7 @@
return;
}
-bool _COSE_IsInList(const COSE *const root, const COSE *const thisMsg)
+bool _COSE_IsInList(const COSE *const root, const COSE *const thisMsg)
{
if (root == NULL) {
return false;
@@ -507,7 +598,7 @@
return false;
}
- for (const COSE * walk = root; walk != NULL; walk = walk->m_handleList) {
+ for (const COSE *walk = root; walk != NULL; walk = walk->m_handleList) {
if (walk == thisMsg) {
return true;
}
@@ -515,9 +606,9 @@
return false;
}
-void _COSE_RemoveFromList(COSE ** root, COSE * thisMsg)
+void _COSE_RemoveFromList(COSE **root, COSE *thisMsg)
{
- COSE * walk;
+ COSE *walk;
if (*root == thisMsg) {
*root = thisMsg->m_handleList;
diff --git a/src/Encrypt.c b/src/Encrypt.c
index 9ba37f1..1d36a22 100644
--- a/src/Encrypt.c
+++ b/src/Encrypt.c
@@ -1,6 +1,7 @@
/** \file Encrypt.c
-* Contains implementation of the functions related to HCOSE_ENVELOPED handle objects.
-*/
+ * Contains implementation of the functions related to HCOSE_ENVELOPED handle
+ * objects.
+ */
#include <stdlib.h>
#ifndef __MBED__
@@ -17,56 +18,59 @@
#include "crypto.h"
#if INCLUDE_ENCRYPT || INCLUDE_MAC
-void _COSE_Enveloped_Release(COSE_Enveloped * p);
+void _COSE_Enveloped_Release(COSE_Enveloped *p);
-static COSE * EnvelopedRoot = NULL;
+static COSE *EnvelopedRoot = NULL;
#endif
#if INCLUDE_ENCRYPT
/*! \private
-* @brief Test if a HCOSE_ENVELOPED handle is valid
-*
-* Internal function to test if a enveloped message handle is valid.
-* This will start returning invalid results and cause the code to
-* crash if handles are not released before the memory that underlies them
-* is deallocated. This is an issue of a block allocator is used since
-* in that case it is common to allocate memory but never to de-allocate it
-* and just do that in a single big block.
-*
-* @param h handle to be validated
-* @returns result of check
-*/
+ * @brief Test if a HCOSE_ENVELOPED handle is valid
+ *
+ * Internal function to test if a enveloped message handle is valid.
+ * This will start returning invalid results and cause the code to
+ * crash if handles are not released before the memory that underlies them
+ * is deallocated. This is an issue of a block allocator is used since
+ * in that case it is common to allocate memory but never to de-allocate it
+ * and just do that in a single big block.
+ *
+ * @param h handle to be validated
+ * @returns result of check
+ */
bool IsValidEnvelopedHandle(HCOSE_ENVELOPED h)
{
- COSE_Enveloped * p = (COSE_Enveloped *)h;
- return _COSE_IsInList(EnvelopedRoot, (COSE *) p);
+ COSE_Enveloped *p = (COSE_Enveloped *)h;
+ return _COSE_IsInList(EnvelopedRoot, (COSE *)p);
}
-
/*!
-* @brief Allocate and initialize an object for creation of an Enveloped message object
-*
-* Allocate and initialize the object used to create a COSE Enveloped message object.
-* Supported flags are:
-* COSE_INIT_FLAG_DETACHED_CONTENT - content is not part of the message
-* COSE_INIT_NO_CBOR_FLAG - Do not emit the leading CBOR tag on the message.
-*
-* See the notes on the memory model for the use of the context variable.
-* Applications need to free the returned handle before deallocating the
-* memory block that it was wrapped in for correct handle checking.
-*
-* @param flags Set of initialization flags from the COSE_INIT_FLAGS enum
-* @param context CN_CBOR context allocator struture
-* @param perr Location to return error specific information
-* @returns handle to the newly allocated object
-*/
-HCOSE_ENVELOPED COSE_Enveloped_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr)
+ * @brief Allocate and initialize an object for creation of an Enveloped message
+ * object
+ *
+ * Allocate and initialize the object used to create a COSE Enveloped message
+ * object. Supported flags are: COSE_INIT_FLAG_DETACHED_CONTENT - content is not
+ * part of the message COSE_INIT_NO_CBOR_FLAG - Do not emit the leading CBOR tag
+ * on the message.
+ *
+ * See the notes on the memory model for the use of the context variable.
+ * Applications need to free the returned handle before deallocating the
+ * memory block that it was wrapped in for correct handle checking.
+ *
+ * @param flags Set of initialization flags from the COSE_INIT_FLAGS enum
+ * @param context CN_CBOR context allocator struture
+ * @param perr Location to return error specific information
+ * @returns handle to the newly allocated object
+ */
+HCOSE_ENVELOPED COSE_Enveloped_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_Enveloped * pobj = (COSE_Enveloped *)COSE_CALLOC(1, sizeof(COSE_Enveloped), context);
+ COSE_Enveloped *pobj =
+ (COSE_Enveloped *)COSE_CALLOC(1, sizeof(COSE_Enveloped), context);
CHECK_CONDITION(pobj != NULL, COSE_ERR_OUT_OF_MEMORY);
- if (!_COSE_Init(flags,&pobj->m_message, COSE_enveloped_object, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init(flags, &pobj->m_message, COSE_enveloped_object,
+ CBOR_CONTEXT_PARAM_COMMA perr)) {
_COSE_Enveloped_Release(pobj);
COSE_FREE(pobj, context);
return NULL;
@@ -74,7 +78,7 @@
_COSE_InsertInList(&EnvelopedRoot, &pobj->m_message);
- return (HCOSE_ENVELOPED) pobj;
+ return (HCOSE_ENVELOPED)pobj;
errorReturn:
return NULL;
@@ -82,35 +86,44 @@
#endif
#if INCLUDE_ENCRYPT || INCLUDE_MAC
-HCOSE_ENVELOPED _COSE_Enveloped_Init_From_Object(cn_cbor * cbor, COSE_Enveloped * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_ENVELOPED _COSE_Enveloped_Init_From_Object(cn_cbor *cbor,
+ COSE_Enveloped *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_Enveloped * pobj = pIn;
- cn_cbor * pRecipients = NULL;
- cose_errback error = { 0 };
- if (perr == NULL) perr = &error;
+ COSE_Enveloped *pobj = pIn;
+ cn_cbor *pRecipients = NULL;
+ cose_errback error = {0};
+ if (perr == NULL)
+ perr = &error;
- if (pobj == NULL) pobj = (COSE_Enveloped *)COSE_CALLOC(1, sizeof(COSE_Enveloped), context);
+ if (pobj == NULL)
+ pobj =
+ (COSE_Enveloped *)COSE_CALLOC(1, sizeof(COSE_Enveloped), context);
if (pobj == NULL) {
perr->err = COSE_ERR_OUT_OF_MEMORY;
errorReturn:
if (pobj != NULL) {
_COSE_Enveloped_Release(pobj);
- if (pIn == NULL) COSE_FREE(pobj, context);
+ if (pIn == NULL)
+ COSE_FREE(pobj, context);
}
return NULL;
}
- if (!_COSE_Init_From_Object(&pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init_From_Object(
+ &pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
pRecipients = _COSE_arrayget_int(&pobj->m_message, INDEX_RECIPIENTS);
if (pRecipients != NULL) {
- CHECK_CONDITION(pRecipients->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ pRecipients->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
pRecipients = pRecipients->first_child;
while (pRecipients != NULL) {
- COSE_RecipientInfo * pInfo = _COSE_Recipient_Init_From_Object(pRecipients, CBOR_CONTEXT_PARAM_COMMA perr);
+ COSE_RecipientInfo *pInfo = _COSE_Recipient_Init_From_Object(
+ pRecipients, CBOR_CONTEXT_PARAM_COMMA perr);
CHECK_CONDITION(pInfo != NULL, COSE_ERR_OUT_OF_MEMORY);
pInfo->m_recipientNext = pobj->m_recipientFirst;
@@ -119,9 +132,10 @@
}
}
- if (pIn == NULL) _COSE_InsertInList(&EnvelopedRoot, &pobj->m_message);
+ if (pIn == NULL)
+ _COSE_InsertInList(&EnvelopedRoot, &pobj->m_message);
- return(HCOSE_ENVELOPED) pobj;
+ return (HCOSE_ENVELOPED)pobj;
}
#endif
@@ -131,9 +145,10 @@
#ifdef USE_CBOR_CONTEXT
cn_cbor_context *context;
#endif
- COSE_Enveloped * p = (COSE_Enveloped *)h;
+ COSE_Enveloped *p = (COSE_Enveloped *)h;
- if (!IsValidEnvelopedHandle(h)) return false;
+ if (!IsValidEnvelopedHandle(h))
+ return false;
if (p->m_message.m_refCount > 1) {
p->m_message.m_refCount--;
@@ -155,15 +170,17 @@
#endif
#if INCLUDE_ENCRYPT || INCLUDE_MAC
-void _COSE_Enveloped_Release(COSE_Enveloped * p)
+void _COSE_Enveloped_Release(COSE_Enveloped *p)
{
- COSE_RecipientInfo * pRecipient1;
- COSE_RecipientInfo * pRecipient2;
+ COSE_RecipientInfo *pRecipient1;
+ COSE_RecipientInfo *pRecipient2;
- if (p->pbContent != NULL) COSE_FREE((void *) p->pbContent, &p->m_message.m_allocContext);
+ if (p->pbContent != NULL)
+ COSE_FREE((void *)p->pbContent, &p->m_message.m_allocContext);
// if (p->pbIV != NULL) COSE_FREE(p->pbIV, &p->m_message.m_allocContext);
- for (pRecipient1 = p->m_recipientFirst; pRecipient1 != NULL; pRecipient1 = pRecipient2) {
+ for (pRecipient1 = p->m_recipientFirst; pRecipient1 != NULL;
+ pRecipient1 = pRecipient2) {
pRecipient2 = pRecipient1->m_recipientNext;
COSE_Recipient_Free((HCOSE_RECIPIENT)pRecipient1);
}
@@ -173,127 +190,139 @@
#endif
#if INCLUDE_ENCRYPT
-bool COSE_Enveloped_decrypt(HCOSE_ENVELOPED h, HCOSE_RECIPIENT hRecip, cose_errback * perr)
+bool COSE_Enveloped_decrypt(HCOSE_ENVELOPED h,
+ HCOSE_RECIPIENT hRecip,
+ cose_errback *perr)
{
- COSE_Enveloped * pcose = (COSE_Enveloped *)h;
- COSE_RecipientInfo * pRecip = (COSE_RecipientInfo *)hRecip;
+ COSE_Enveloped *pcose = (COSE_Enveloped *)h;
+ COSE_RecipientInfo *pRecip = (COSE_RecipientInfo *)hRecip;
bool f = false;
CHECK_CONDITION(IsValidEnvelopedHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(IsValidRecipientHandle(hRecip), COSE_ERR_INVALID_HANDLE);
- CHECK_CONDITION(pcose->m_recipientFirst != NULL, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ pcose->m_recipientFirst != NULL, COSE_ERR_INVALID_PARAMETER);
f = _COSE_Enveloped_decrypt(pcose, pRecip, NULL, 0, "Encrypt", perr);
- errorReturn:
+errorReturn:
return f;
}
#endif
#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0
-bool _COSE_Enveloped_decrypt(COSE_Enveloped * pcose, COSE_RecipientInfo * pRecip, const byte *pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
+bool _COSE_Enveloped_decrypt(COSE_Enveloped *pcose,
+ COSE_RecipientInfo *pRecip,
+ const byte *pbKeyIn,
+ size_t cbKeyIn,
+ const char *szContext,
+ cose_errback *perr)
{
int alg;
- const cn_cbor * cn = NULL;
- byte * pbKeyNew = NULL;
- const byte * pbKey = NULL;
+ const cn_cbor *cn = NULL;
+ byte *pbKeyNew = NULL;
+ const byte *pbKey = NULL;
size_t cbitKey = 0;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context;
+ cn_cbor_context *context;
#endif
- byte * pbAuthData = NULL;
+ byte *pbAuthData = NULL;
size_t cbAuthData;
#ifdef USE_CBOR_CONTEXT
context = &pcose->m_message.m_allocContext;
#endif
- CHECK_CONDITION(!((pRecip != NULL) && (pbKeyIn != NULL)), COSE_ERR_INTERNAL);
+ CHECK_CONDITION(
+ !((pRecip != NULL) && (pbKeyIn != NULL)), COSE_ERR_INTERNAL);
- cn = _COSE_map_get_int(&pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ cn = _COSE_map_get_int(
+ &pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
if (cn == NULL) {
error:
errorReturn:
- if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
+ if (pbAuthData != NULL)
+ COSE_FREE(pbAuthData, context);
if (pbKeyNew != NULL) {
memset(pbKeyNew, 0xff, cbitKey / 8);
COSE_FREE(pbKeyNew, context);
}
return false;
}
- CHECK_CONDITION((cn->type == CN_CBOR_UINT) || (cn->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
- alg = (int) cn->v.uint;
+ CHECK_CONDITION((cn->type == CN_CBOR_UINT) || (cn->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
+ alg = (int)cn->v.uint;
switch (alg) {
#ifdef USE_AES_CCM_16_64_128
- case COSE_Algorithm_AES_CCM_16_64_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_CCM_16_64_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_CCM_16_128_128
- case COSE_Algorithm_AES_CCM_16_128_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_CCM_16_128_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_CCM_64_64_128
- case COSE_Algorithm_AES_CCM_64_64_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_CCM_64_64_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_CCM_64_128_128
- case COSE_Algorithm_AES_CCM_64_128_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_CCM_64_128_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_CCM_64_64_256
- case COSE_Algorithm_AES_CCM_64_64_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_CCM_64_64_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_AES_CCM_16_128_256
- case COSE_Algorithm_AES_CCM_16_128_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_CCM_16_128_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_AES_CCM_64_128_256
- case COSE_Algorithm_AES_CCM_64_128_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_CCM_64_128_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_AES_CCM_16_64_256
- case COSE_Algorithm_AES_CCM_16_64_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_CCM_16_64_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_AES_GCM_128
- case COSE_Algorithm_AES_GCM_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_GCM_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_GCM_192
- case COSE_Algorithm_AES_GCM_192:
- cbitKey = 192;
- break;
+ case COSE_Algorithm_AES_GCM_192:
+ cbitKey = 192;
+ break;
#endif
#ifdef USE_AES_GCM_256
- case COSE_Algorithm_AES_GCM_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_GCM_256:
+ cbitKey = 256;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ break;
}
//
@@ -317,119 +346,152 @@
// If there is a recipient - ask it for the key
if (pRecip != NULL) {
- COSE_RecipientInfo * pRecipX;
+ COSE_RecipientInfo *pRecipX;
- for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL; pRecipX = pRecipX->m_recipientNext) {
+ for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL;
+ pRecipX = pRecipX->m_recipientNext) {
if (pRecipX == pRecip) {
- if (!_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) goto errorReturn;
+ if (!_COSE_Recipient_decrypt(
+ pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr))
+ goto errorReturn;
break;
- }
- else if (pRecipX->m_encrypt.m_recipientFirst != NULL) {
- if (_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) break;
+ } else if (pRecipX->m_encrypt.m_recipientFirst != NULL) {
+ if (_COSE_Recipient_decrypt(
+ pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr))
+ break;
}
}
CHECK_CONDITION(pRecipX != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
- }
- else {
- for (pRecip = pcose->m_recipientFirst; pRecip != NULL; pRecip = pRecip->m_recipientNext) {
- if (_COSE_Recipient_decrypt(pRecip, NULL, alg, cbitKey, pbKeyNew, perr)) break;
+ } else {
+ for (pRecip = pcose->m_recipientFirst; pRecip != NULL;
+ pRecip = pRecip->m_recipientNext) {
+ if (_COSE_Recipient_decrypt(
+ pRecip, NULL, alg, cbitKey, pbKeyNew, perr))
+ break;
}
CHECK_CONDITION(pRecip != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
}
-#endif // INCLUDE_ENCRYPT
+#endif // INCLUDE_ENCRYPT
// Build authenticated data
- if (!_COSE_Encrypt_Build_AAD(&pcose->m_message, &pbAuthData, &cbAuthData, szContext, perr)) goto errorReturn;
+ if (!_COSE_Encrypt_Build_AAD(
+ &pcose->m_message, &pbAuthData, &cbAuthData, szContext, perr))
+ goto errorReturn;
cn = _COSE_arrayget_int(&pcose->m_message, INDEX_BODY);
CHECK_CONDITION(cn != NULL, COSE_ERR_INVALID_PARAMETER);
switch (alg) {
#ifdef USE_AES_CCM_16_64_128
- case COSE_Algorithm_AES_CCM_16_64_128:
- if (!AES_CCM_Decrypt(pcose, 64, 16, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_CCM_16_64_128:
+ if (!AES_CCM_Decrypt(pcose, 64, 16, pbKey, cbitKey / 8, cn->v.bytes,
+ cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_CCM_16_64_256
- case COSE_Algorithm_AES_CCM_16_64_256:
- if (!AES_CCM_Decrypt(pcose, 64, 16, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_CCM_16_64_256:
+ if (!AES_CCM_Decrypt(pcose, 64, 16, pbKey, cbitKey / 8, cn->v.bytes,
+ cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_CCM_16_128_128
- case COSE_Algorithm_AES_CCM_16_128_128:
- if (!AES_CCM_Decrypt(pcose, 128, 16, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_CCM_16_128_128:
+ if (!AES_CCM_Decrypt(pcose, 128, 16, pbKey, cbitKey / 8,
+ cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_CCM_16_128_256
- case COSE_Algorithm_AES_CCM_16_128_256:
- if (!AES_CCM_Decrypt(pcose, 128, 16, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_CCM_16_128_256:
+ if (!AES_CCM_Decrypt(pcose, 128, 16, pbKey, cbitKey / 8,
+ cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_CCM_64_64_128
- case COSE_Algorithm_AES_CCM_64_64_128:
- if (!AES_CCM_Decrypt(pcose, 64, 64, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_CCM_64_64_128:
+ if (!AES_CCM_Decrypt(pcose, 64, 64, pbKey, cbitKey / 8, cn->v.bytes,
+ cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_CCM_64_64_256
- case COSE_Algorithm_AES_CCM_64_64_256:
- if (!AES_CCM_Decrypt(pcose, 64, 64, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_CCM_64_64_256:
+ if (!AES_CCM_Decrypt(pcose, 64, 64, pbKey, cbitKey / 8, cn->v.bytes,
+ cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_CCM_64_128_128
- case COSE_Algorithm_AES_CCM_64_128_128:
- if (!AES_CCM_Decrypt(pcose, 128, 64, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_CCM_64_128_128:
+ if (!AES_CCM_Decrypt(pcose, 128, 64, pbKey, cbitKey / 8,
+ cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_CCM_64_128_256
- case COSE_Algorithm_AES_CCM_64_128_256:
- if (!AES_CCM_Decrypt(pcose, 128, 64, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_CCM_64_128_256:
+ if (!AES_CCM_Decrypt(pcose, 128, 64, pbKey, cbitKey / 8,
+ cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_GCM_128
- case COSE_Algorithm_AES_GCM_128:
- if (!AES_GCM_Decrypt(pcose, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_GCM_128:
+ if (!AES_GCM_Decrypt(pcose, pbKey, cbitKey / 8, cn->v.bytes,
+ cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_GCM_192
- case COSE_Algorithm_AES_GCM_192:
- if (!AES_GCM_Decrypt(pcose, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_GCM_192:
+ if (!AES_GCM_Decrypt(pcose, pbKey, cbitKey / 8, cn->v.bytes,
+ cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
#ifdef USE_AES_GCM_256
- case COSE_Algorithm_AES_GCM_256:
- if (!AES_GCM_Decrypt(pcose, pbKey, cbitKey / 8, cn->v.bytes, cn->length, pbAuthData, cbAuthData, perr)) goto error;
- break;
+ case COSE_Algorithm_AES_GCM_256:
+ if (!AES_GCM_Decrypt(pcose, pbKey, cbitKey / 8, cn->v.bytes,
+ cn->length, pbAuthData, cbAuthData, perr))
+ goto error;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ break;
}
- if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if (pbKeyNew != NULL) COSE_FREE(pbKeyNew, context);
- if (perr != NULL) perr->err = COSE_ERR_NONE;
+ if (pbAuthData != NULL)
+ COSE_FREE(pbAuthData, context);
+ if (pbKeyNew != NULL)
+ COSE_FREE(pbKeyNew, context);
+ if (perr != NULL)
+ perr->err = COSE_ERR_NONE;
return true;
}
#endif
#if INCLUDE_ENCRYPT
-bool COSE_Enveloped_encrypt(HCOSE_ENVELOPED h, cose_errback * perr)
+bool COSE_Enveloped_encrypt(HCOSE_ENVELOPED h, cose_errback *perr)
{
- COSE_Enveloped * pcose = (COSE_Enveloped *)h;
+ COSE_Enveloped *pcose = (COSE_Enveloped *)h;
CHECK_CONDITION(IsValidEnvelopedHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(pcose->m_recipientFirst != NULL, COSE_ERR_INVALID_HANDLE);
@@ -442,100 +504,108 @@
#endif
#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0
-bool _COSE_Enveloped_encrypt(COSE_Enveloped * pcose, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
+bool _COSE_Enveloped_encrypt(COSE_Enveloped *pcose,
+ const byte *pbKeyIn,
+ size_t cbKeyIn,
+ const char *szContext,
+ cose_errback *perr)
{
int alg;
int t;
- COSE_RecipientInfo * pri;
- const cn_cbor * cn_Alg = NULL;
- byte * pbAuthData = NULL;
+ COSE_RecipientInfo *pri;
+ const cn_cbor *cn_Alg = NULL;
+ byte *pbAuthData = NULL;
size_t cbitKey;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
bool fRet = false;
- byte * pbKeyNew = NULL;
- const byte * pbKey = NULL;
+ byte *pbKeyNew = NULL;
+ const byte *pbKey = NULL;
size_t cbKey = 0;
- cn_Alg = _COSE_map_get_int(&pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- if (cn_Alg == NULL) goto errorReturn;
+ cn_Alg = _COSE_map_get_int(
+ &pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ if (cn_Alg == NULL)
+ goto errorReturn;
CHECK_CONDITION((cn_Alg->type != CN_CBOR_TEXT), COSE_ERR_UNKNOWN_ALGORITHM);
- CHECK_CONDITION((cn_Alg->type == CN_CBOR_UINT) || (cn_Alg->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
- alg = (int) cn_Alg->v.uint;
+ CHECK_CONDITION(
+ (cn_Alg->type == CN_CBOR_UINT) || (cn_Alg->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
+ alg = (int)cn_Alg->v.uint;
// Get the key size
switch (alg) {
#ifdef USE_AES_CCM_64_64_128
- case COSE_Algorithm_AES_CCM_64_64_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_CCM_64_64_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_CCM_16_128_128
- case COSE_Algorithm_AES_CCM_16_128_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_CCM_16_128_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_CCM_64_128_128
- case COSE_Algorithm_AES_CCM_64_128_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_CCM_64_128_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_CCM_16_64_128
- case COSE_Algorithm_AES_CCM_16_64_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_CCM_16_64_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_CCM_64_64_256
- case COSE_Algorithm_AES_CCM_64_64_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_CCM_64_64_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_AES_CCM_16_128_256
- case COSE_Algorithm_AES_CCM_16_128_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_CCM_16_128_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_AES_CCM_64_128_256
- case COSE_Algorithm_AES_CCM_64_128_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_CCM_64_128_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_AES_CCM_16_64_256
- case COSE_Algorithm_AES_CCM_16_64_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_CCM_16_64_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_AES_GCM_128
- case COSE_Algorithm_AES_GCM_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_GCM_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_GCM_192
- case COSE_Algorithm_AES_GCM_192:
- cbitKey = 192;
- break;
+ case COSE_Algorithm_AES_GCM_192:
+ cbitKey = 192;
+ break;
#endif
#ifdef USE_AES_GCM_256
- case COSE_Algorithm_AES_GCM_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_GCM_256:
+ cbitKey = 256;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
}
// Enveloped or Encrypted?
@@ -550,16 +620,18 @@
// If we are doing direct encryption - then recipient generates the key
t = 0;
- for (pri = pcose->m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
+ for (pri = pcose->m_recipientFirst; pri != NULL;
+ pri = pri->m_recipientNext) {
if (pri->m_encrypt.m_message.m_flags & 1) {
CHECK_CONDITION(pbKey == NULL, COSE_ERR_INVALID_PARAMETER);
t |= 1;
- pbKeyNew = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
+ pbKeyNew =
+ _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
cbKey = cbitKey / 8;
- if (pbKeyNew == NULL) goto errorReturn;
- }
- else {
+ if (pbKeyNew == NULL)
+ goto errorReturn;
+ } else {
t |= 2;
}
}
@@ -573,17 +645,19 @@
}
pbKey = pbKeyNew;
}
-#endif // INCLUDE_ENCRYPT
+#endif // INCLUDE_ENCRYPT
// Build protected headers
- const cn_cbor * cbProtected = _COSE_encode_protected(&pcose->m_message, perr);
- if (cbProtected == NULL) goto errorReturn;
-
+ const cn_cbor *cbProtected =
+ _COSE_encode_protected(&pcose->m_message, perr);
+ if (cbProtected == NULL)
+ goto errorReturn;
#ifdef USE_COUNTER_SIGNATURES
// Setup Counter Signatures
- if (!_COSE_CountSign_create(&pcose->m_message, NULL, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_CountSign_create(
+ &pcose->m_message, NULL, CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
#endif
@@ -591,91 +665,118 @@
// Build authenticated data
size_t cbAuthData = 0;
- if (!_COSE_Encrypt_Build_AAD(&pcose->m_message, &pbAuthData, &cbAuthData, szContext, perr)) goto errorReturn;
+ if (!_COSE_Encrypt_Build_AAD(
+ &pcose->m_message, &pbAuthData, &cbAuthData, szContext, perr))
+ goto errorReturn;
switch (alg) {
#ifdef USE_AES_CCM_16_64_128
- case COSE_Algorithm_AES_CCM_16_64_128:
- if (!AES_CCM_Encrypt(pcose, 64, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_CCM_16_64_128:
+ if (!AES_CCM_Encrypt(
+ pcose, 64, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CCM_16_64_256
- case COSE_Algorithm_AES_CCM_16_64_256:
- if (!AES_CCM_Encrypt(pcose, 64, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_CCM_16_64_256:
+ if (!AES_CCM_Encrypt(
+ pcose, 64, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CCM_16_128_128
- case COSE_Algorithm_AES_CCM_16_128_128:
- if (!AES_CCM_Encrypt(pcose, 128, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_CCM_16_128_128:
+ if (!AES_CCM_Encrypt(
+ pcose, 128, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CCM_16_128_256
- case COSE_Algorithm_AES_CCM_16_128_256:
- if (!AES_CCM_Encrypt(pcose, 128, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_CCM_16_128_256:
+ if (!AES_CCM_Encrypt(
+ pcose, 128, 16, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CCM_64_64_128
- case COSE_Algorithm_AES_CCM_64_64_128:
- if (!AES_CCM_Encrypt(pcose, 64, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_CCM_64_64_128:
+ if (!AES_CCM_Encrypt(
+ pcose, 64, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CCM_64_64_256
- case COSE_Algorithm_AES_CCM_64_64_256:
- if (!AES_CCM_Encrypt(pcose, 64, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_CCM_64_64_256:
+ if (!AES_CCM_Encrypt(
+ pcose, 64, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CCM_64_128_128
- case COSE_Algorithm_AES_CCM_64_128_128:
- if (!AES_CCM_Encrypt(pcose, 128, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_CCM_64_128_128:
+ if (!AES_CCM_Encrypt(
+ pcose, 128, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CCM_64_128_256
- case COSE_Algorithm_AES_CCM_64_128_256:
- if (!AES_CCM_Encrypt(pcose, 128, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_CCM_64_128_256:
+ if (!AES_CCM_Encrypt(
+ pcose, 128, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_GCM_128
- case COSE_Algorithm_AES_GCM_128:
- if (!AES_GCM_Encrypt(pcose, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_GCM_128:
+ if (!AES_GCM_Encrypt(
+ pcose, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_GCM_192
- case COSE_Algorithm_AES_GCM_192:
- if (!AES_GCM_Encrypt(pcose, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_GCM_192:
+ if (!AES_GCM_Encrypt(
+ pcose, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_GCM_256
- case COSE_Algorithm_AES_GCM_256:
- if (!AES_GCM_Encrypt(pcose, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_AES_GCM_256:
+ if (!AES_GCM_Encrypt(
+ pcose, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
}
-#ifdef INCLUDE_ENCRYPT
- for (pri = pcose->m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
- if (!_COSE_Recipient_encrypt(pri, pbKey, cbKey, perr)) goto errorReturn;
+#ifdef INCLUDE_ENCRYPT
+ for (pri = pcose->m_recipientFirst; pri != NULL;
+ pri = pri->m_recipientNext) {
+ if (!_COSE_Recipient_encrypt(pri, pbKey, cbKey, perr))
+ goto errorReturn;
}
-#endif // INCLUDE_ENCRYPT
+#endif // INCLUDE_ENCRYPT
// Figure out the clean up
fRet = true;
errorReturn:
- if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
+ if (pbAuthData != NULL)
+ COSE_FREE(pbAuthData, context);
if (pbKeyNew != NULL) {
memset(pbKeyNew, 0, cbKey);
COSE_FREE(pbKeyNew, context);
@@ -685,7 +786,10 @@
#endif
#if INCLUDE_ENCRYPT
-bool COSE_Enveloped_SetContent(HCOSE_ENVELOPED h, const byte * rgb, size_t cb, cose_errback * perr)
+bool COSE_Enveloped_SetContent(HCOSE_ENVELOPED h,
+ const byte *rgb,
+ size_t cb,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidEnvelopedHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(rgb != NULL, COSE_ERR_INVALID_PARAMETER);
@@ -697,38 +801,48 @@
}
/*!
-* @brief Set the application external data for authentication
-*
-* Enveloped data objects support the authentication of external application
-* supplied data. This function is provided to supply that data to the library.
-*
-* The external data is not copied, nor will be it freed when the handle is released.
-*
-* @param hcose Handle for the COSE Enveloped data object
-* @param pbEternalData point to the external data
-* @param cbExternalData size of the external data
-* @param perr location to return errors
-* @return result of the operation.
-*/
+ * @brief Set the application external data for authentication
+ *
+ * Enveloped data objects support the authentication of external application
+ * supplied data. This function is provided to supply that data to the library.
+ *
+ * The external data is not copied, nor will be it freed when the handle is
+ * released.
+ *
+ * @param hcose Handle for the COSE Enveloped data object
+ * @param pbEternalData point to the external data
+ * @param cbExternalData size of the external data
+ * @param perr location to return errors
+ * @return result of the operation.
+ */
-bool COSE_Enveloped_SetExternal(HCOSE_ENVELOPED hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
+bool COSE_Enveloped_SetExternal(HCOSE_ENVELOPED hcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidEnvelopedHandle(hcose), COSE_ERR_INVALID_HANDLE)
- CHECK_CONDITION((pbExternalData != NULL) || (cbExternalData == 0), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((pbExternalData != NULL) || (cbExternalData == 0),
+ COSE_ERR_INVALID_PARAMETER);
- return _COSE_SetExternal(&((COSE_Enveloped *)hcose)->m_message, pbExternalData, cbExternalData, perr);
+ return _COSE_SetExternal(&((COSE_Enveloped *)hcose)->m_message,
+ pbExternalData, cbExternalData, perr);
errorReturn:
return false;
}
-
-bool _COSE_Enveloped_SetContent(COSE_Enveloped * cose, const byte * rgb, size_t cb, cose_errback * perror)
+bool _COSE_Enveloped_SetContent(COSE_Enveloped *cose,
+ const byte *rgb,
+ size_t cb,
+ cose_errback *perror)
{
- byte * pb;
- cose->pbContent = pb = (byte *)COSE_CALLOC(cb, 1, &cose->m_message.m_allocContext);
+ byte *pb;
+ cose->pbContent = pb =
+ (byte *)COSE_CALLOC(cb, 1, &cose->m_message.m_allocContext);
if (cose->pbContent == NULL) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
memcpy(pb, rgb, cb);
@@ -738,46 +852,57 @@
}
/*! brief Retrieve header parameter from an enveloped message structure
-*
-* Retrieve a header parameter from the message.
-* Retrieved object is the same as the one in the message - do not delete it
-*
-* @param[in] h Handle of recipient object
-* @param[in] key Key to look for
-* @param[in] flags What buckets should we look for the message
-* @param[out] perror Location to return error codes
-* @return Object which is found or NULL
-*/
+ *
+ * Retrieve a header parameter from the message.
+ * Retrieved object is the same as the one in the message - do not delete it
+ *
+ * @param[in] h Handle of recipient object
+ * @param[in] key Key to look for
+ * @param[in] flags What buckets should we look for the message
+ * @param[out] perror Location to return error codes
+ * @return Object which is found or NULL
+ */
-cn_cbor * COSE_Enveloped_map_get_int(HCOSE_ENVELOPED h, int key, int flags, cose_errback * perror)
+cn_cbor *COSE_Enveloped_map_get_int(HCOSE_ENVELOPED h,
+ int key,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidEnvelopedHandle(h)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_HANDLE;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_HANDLE;
return NULL;
}
- return _COSE_map_get_int(&((COSE_Enveloped *)h)->m_message, key, flags, perror);
+ return _COSE_map_get_int(
+ &((COSE_Enveloped *)h)->m_message, key, flags, perror);
}
-
-bool COSE_Enveloped_map_put_int(HCOSE_ENVELOPED h, int key, cn_cbor * value, int flags, cose_errback * perr)
+bool COSE_Enveloped_map_put_int(HCOSE_ENVELOPED h,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidEnvelopedHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(value != NULL, COSE_ERR_INVALID_PARAMETER);
- return _COSE_map_put(&((COSE_Enveloped *)h)->m_message, key, value, flags, perr);
+ return _COSE_map_put(
+ &((COSE_Enveloped *)h)->m_message, key, value, flags, perr);
errorReturn:
return false;
}
-bool COSE_Enveloped_AddRecipient(HCOSE_ENVELOPED hEnc, HCOSE_RECIPIENT hRecip, cose_errback * perr)
+bool COSE_Enveloped_AddRecipient(HCOSE_ENVELOPED hEnc,
+ HCOSE_RECIPIENT hRecip,
+ cose_errback *perr)
{
- COSE_RecipientInfo * pRecip;
- COSE_Enveloped * pEncrypt;
- cn_cbor * pRecipients = NULL;
+ COSE_RecipientInfo *pRecip;
+ COSE_Enveloped *pEncrypt;
+ cn_cbor *pRecipients = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context;
+ cn_cbor_context *context;
#endif
cn_cbor_errback cbor_error;
@@ -789,24 +914,29 @@
#ifdef USE_CBOR_CONTEXT
context = &pEncrypt->m_message.m_allocContext;
-#endif // USE_CBOR_CONTEXT
+#endif // USE_CBOR_CONTEXT
pRecip->m_recipientNext = pEncrypt->m_recipientFirst;
pEncrypt->m_recipientFirst = pRecip;
pRecipients = _COSE_arrayget_int(&pEncrypt->m_message, INDEX_RECIPIENTS);
if (pRecipients == NULL) {
- pRecipients = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pRecipients =
+ cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pRecipients != NULL, cbor_error);
- if (!_COSE_array_replace(&pEncrypt->m_message, pRecipients, INDEX_RECIPIENTS, CBOR_CONTEXT_PARAM_COMMA &cbor_error)) {
+ if (!_COSE_array_replace(&pEncrypt->m_message, pRecipients,
+ INDEX_RECIPIENTS, CBOR_CONTEXT_PARAM_COMMA & cbor_error)) {
CN_CBOR_FREE(pRecipients, context);
- if (perr != NULL) perr->err = _MapFromCBOR(cbor_error);
+ if (perr != NULL)
+ perr->err = _MapFromCBOR(cbor_error);
goto errorReturn;
}
}
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pRecipients, pRecip->m_encrypt.m_message.m_cbor, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_array_append(pRecipients,
+ pRecip->m_encrypt.m_message.m_cbor, &cbor_error),
+ cbor_error);
pRecip->m_encrypt.m_message.m_refCount++;
@@ -818,48 +948,60 @@
#endif
#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0 || INCLUDE_MAC || INCLUDE_MAC0
-bool _COSE_Encrypt_Build_AAD(COSE * pMessage, byte ** ppbAAD, size_t * pcbAAD, const char * szContext, cose_errback * perr)
+bool _COSE_Encrypt_Build_AAD(COSE *pMessage,
+ byte **ppbAAD,
+ size_t *pcbAAD,
+ const char *szContext,
+ cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pMessage->m_allocContext;
+ cn_cbor_context *context = &pMessage->m_allocContext;
#endif
cn_cbor_errback cbor_error;
- byte * pbAuthData = NULL;
+ byte *pbAuthData = NULL;
size_t cbAuthData;
- cn_cbor * pAuthData = NULL;
- cn_cbor * pItem = NULL;
- cn_cbor * ptmp = NULL;
+ cn_cbor *pAuthData = NULL;
+ cn_cbor *pItem = NULL;
+ cn_cbor *ptmp = NULL;
// Build authenticated data
- pAuthData = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pAuthData = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pAuthData != NULL, cbor_error);
- ptmp = cn_cbor_string_create(szContext, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ ptmp =
+ cn_cbor_string_create(szContext, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
ptmp = NULL;
pItem = _COSE_arrayget_int(pMessage, INDEX_PROTECTED);
CHECK_CONDITION(pItem != NULL, COSE_ERR_INVALID_PARAMETER);
if ((pItem->length == 1) && (pItem->v.bytes[0] == 0xa0)) {
- ptmp = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- }
- else {
- ptmp = cn_cbor_data_create(pItem->v.bytes, (int)pItem->length, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ ptmp =
+ cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ } else {
+ ptmp = cn_cbor_data_create(pItem->v.bytes, (int)pItem->length,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error);
}
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
ptmp = NULL;
- ptmp = cn_cbor_data_create(pMessage->m_pbExternal, (int) pMessage->m_cbExternal, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ ptmp = cn_cbor_data_create(pMessage->m_pbExternal,
+ (int)pMessage->m_cbExternal, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
ptmp = NULL;
cbAuthData = cn_cbor_encode_size(pAuthData);
pbAuthData = (byte *)COSE_CALLOC(cbAuthData, 1, context);
CHECK_CONDITION(pbAuthData != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION((size_t)cn_cbor_encoder_write(pbAuthData, 0, cbAuthData, pAuthData) == cbAuthData, COSE_ERR_CBOR);
+ CHECK_CONDITION((size_t)cn_cbor_encoder_write(
+ pbAuthData, 0, cbAuthData, pAuthData) == cbAuthData,
+ COSE_ERR_CBOR);
*ppbAAD = pbAuthData;
*pcbAAD = cbAuthData;
@@ -874,23 +1016,27 @@
printf("\n");
}
#endif
-
return true;
errorReturn:
- if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if (ptmp != NULL) CN_CBOR_FREE(ptmp, NULL);
- if (pAuthData != NULL) CN_CBOR_FREE(pAuthData, context);
+ if (pbAuthData != NULL)
+ COSE_FREE(pbAuthData, context);
+ if (ptmp != NULL)
+ CN_CBOR_FREE(ptmp, NULL);
+ if (pAuthData != NULL)
+ CN_CBOR_FREE(pAuthData, context);
return false;
}
#endif
#if INCLUDE_ENCRYPT
-HCOSE_RECIPIENT COSE_Enveloped_GetRecipient(HCOSE_ENVELOPED cose, int iRecipient, cose_errback * perr)
+HCOSE_RECIPIENT COSE_Enveloped_GetRecipient(HCOSE_ENVELOPED cose,
+ int iRecipient,
+ cose_errback *perr)
{
int i;
- COSE_RecipientInfo * p = NULL;
+ COSE_RecipientInfo *p = NULL;
CHECK_CONDITION(IsValidEnvelopedHandle(cose), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(iRecipient >= 0, COSE_ERR_INVALID_PARAMETER);
@@ -900,26 +1046,33 @@
CHECK_CONDITION(p != NULL, COSE_ERR_INVALID_PARAMETER);
p = p->m_recipientNext;
}
- if (p != NULL) p->m_encrypt.m_message.m_refCount++;
+ if (p != NULL)
+ p->m_encrypt.m_message.m_refCount++;
errorReturn:
return (HCOSE_RECIPIENT)p;
}
#ifdef USE_COUNTER_SIGNATURES
-bool COSE_Enveloped_AddCounterSigner(HCOSE_ENCRYPT hEnv, HCOSE_COUNTERSIGN hSign, cose_errback * perr)
+bool COSE_Enveloped_AddCounterSigner(HCOSE_ENCRYPT hEnv,
+ HCOSE_COUNTERSIGN hSign,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidEncryptHandle(hEnv), COSE_ERR_INVALID_HANDLE);
- return _COSE_CounterSign_add(&((COSE_Enveloped *)hEnv)->m_message, hSign, perr);
+ return _COSE_CounterSign_add(
+ &((COSE_Enveloped *)hEnv)->m_message, hSign, perr);
errorReturn:
return false;
}
-HCOSE_COUNTERSIGN COSE_Enveloped_GetCounterSigner(HCOSE_ENCRYPT h, int iSigner, cose_errback * perr)
+HCOSE_COUNTERSIGN COSE_Enveloped_GetCounterSigner(HCOSE_ENCRYPT h,
+ int iSigner,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidEncryptHandle(h), COSE_ERR_INVALID_HANDLE);
- return _COSE_CounterSign_get(&((COSE_Enveloped *)h)->m_message, iSigner, perr);
+ return _COSE_CounterSign_get(
+ &((COSE_Enveloped *)h)->m_message, iSigner, perr);
errorReturn:
return NULL;
diff --git a/src/Encrypt0.c b/src/Encrypt0.c
index ad6b84c..fa0885a 100644
--- a/src/Encrypt0.c
+++ b/src/Encrypt0.c
@@ -1,6 +1,7 @@
/** \file Encrypt0.c
-* Contains implementation of the functions related to HCOSE_ENCRYPT handle objects.
-*/
+ * Contains implementation of the functions related to HCOSE_ENCRYPT handle
+ * objects.
+ */
#include <stdlib.h>
#ifndef __MBED__
@@ -15,41 +16,44 @@
#include "crypto.h"
#if INCLUDE_ENCRYPT0 || INCLUDE_MAC0
-void _COSE_Encrypt_Release(COSE_Encrypt * p);
+void _COSE_Encrypt_Release(COSE_Encrypt *p);
-static COSE * EncryptRoot = NULL;
+static COSE *EncryptRoot = NULL;
#endif
#if INCLUDE_ENCRYPT0
/*! \private
-* @brief Test if a HCOSE_ENCRYPT handle is valid
-*
-* Internal function to test if an encrypt message handle is valid.
-* This will start returning invalid results and cause the code to
-* crash if handles are not released before the memory that underlies them
-* is deallocated. This is an issue of a block allocator is used since
-* in that case it is common to allocate memory but never to de-allocate it
-* and just do that in a single big block.
-*
-* @param h handle to be validated
-* @returns result of check
-*/
+ * @brief Test if a HCOSE_ENCRYPT handle is valid
+ *
+ * Internal function to test if an encrypt message handle is valid.
+ * This will start returning invalid results and cause the code to
+ * crash if handles are not released before the memory that underlies them
+ * is deallocated. This is an issue of a block allocator is used since
+ * in that case it is common to allocate memory but never to de-allocate it
+ * and just do that in a single big block.
+ *
+ * @param h handle to be validated
+ * @returns result of check
+ */
bool IsValidEncryptHandle(HCOSE_ENCRYPT h)
{
- COSE_Encrypt * p = (COSE_Encrypt *)h;
+ COSE_Encrypt *p = (COSE_Encrypt *)h;
return _COSE_IsInList(EncryptRoot, (COSE *)p);
}
#endif
#if INCLUDE_ENCRYPT0 || INCLUDE_MAC0
-HCOSE_ENCRYPT COSE_Encrypt_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_ENCRYPT COSE_Encrypt_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
CHECK_CONDITION(flags == COSE_INIT_FLAGS_NONE, COSE_ERR_INVALID_PARAMETER);
- COSE_Encrypt * pobj = (COSE_Encrypt *)COSE_CALLOC(1, sizeof(COSE_Encrypt), context);
+ COSE_Encrypt *pobj =
+ (COSE_Encrypt *)COSE_CALLOC(1, sizeof(COSE_Encrypt), context);
CHECK_CONDITION(pobj != NULL, COSE_ERR_OUT_OF_MEMORY);
- if (!_COSE_Init(flags, &pobj->m_message, COSE_enveloped_object, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init(flags, &pobj->m_message, COSE_enveloped_object,
+ CBOR_CONTEXT_PARAM_COMMA perr)) {
_COSE_Encrypt_Release(pobj);
COSE_FREE(pobj, context);
return NULL;
@@ -57,7 +61,7 @@
_COSE_InsertInList(&EncryptRoot, &pobj->m_message);
- return (HCOSE_ENCRYPT) pobj;
+ return (HCOSE_ENCRYPT)pobj;
errorReturn:
return NULL;
@@ -65,55 +69,63 @@
#endif
#if INCLUDE_ENCRYPT0
-HCOSE_ENCRYPT COSE_Encrypt_Init_From_Object(cn_cbor * cbor, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_ENCRYPT COSE_Encrypt_Init_From_Object(cn_cbor *cbor,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_Encrypt * pobj;
+ COSE_Encrypt *pobj;
- cose_errback error = { 0 };
- if (perr == NULL) perr = &error;
+ cose_errback error = {0};
+ if (perr == NULL)
+ perr = &error;
- pobj = (COSE_Encrypt *) COSE_CALLOC(1, sizeof(COSE_Encrypt), context);
- if (pobj == NULL) {
- perr->err = COSE_ERR_OUT_OF_MEMORY;
- errorReturn:
- if (pobj != NULL) {
- _COSE_Encrypt_Release(pobj);
- COSE_FREE(pobj, context);
- }
- return NULL;
- }
-
- if (!_COSE_Init_From_Object(&pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
- goto errorReturn;
- }
-
- _COSE_InsertInList(&EncryptRoot, &pobj->m_message);
-
- return(HCOSE_ENCRYPT) pobj;
-
-}
-#endif
-
-#if INCLUDE_ENCRYPT0
-HCOSE_ENCRYPT _COSE_Encrypt_Init_From_Object(cn_cbor * cbor, COSE_Encrypt * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
-{
- COSE_Encrypt * pobj = pIn;
- cn_cbor * pRecipients = NULL;
- cose_errback error = { 0 };
- if (perr == NULL) perr = &error;
-
- if (pobj == NULL) pobj = (COSE_Encrypt *)COSE_CALLOC(1, sizeof(COSE_Encrypt), context);
+ pobj = (COSE_Encrypt *)COSE_CALLOC(1, sizeof(COSE_Encrypt), context);
if (pobj == NULL) {
perr->err = COSE_ERR_OUT_OF_MEMORY;
errorReturn:
if (pobj != NULL) {
_COSE_Encrypt_Release(pobj);
- if (pIn == NULL) COSE_FREE(pobj, context);
+ COSE_FREE(pobj, context);
}
return NULL;
}
- if (!_COSE_Init_From_Object(&pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init_From_Object(
+ &pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ goto errorReturn;
+ }
+
+ _COSE_InsertInList(&EncryptRoot, &pobj->m_message);
+
+ return (HCOSE_ENCRYPT)pobj;
+}
+#endif
+
+#if INCLUDE_ENCRYPT0
+HCOSE_ENCRYPT _COSE_Encrypt_Init_From_Object(cn_cbor *cbor,
+ COSE_Encrypt *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
+{
+ COSE_Encrypt *pobj = pIn;
+ cn_cbor *pRecipients = NULL;
+ cose_errback error = {0};
+ if (perr == NULL)
+ perr = &error;
+
+ if (pobj == NULL)
+ pobj = (COSE_Encrypt *)COSE_CALLOC(1, sizeof(COSE_Encrypt), context);
+ if (pobj == NULL) {
+ perr->err = COSE_ERR_OUT_OF_MEMORY;
+ errorReturn:
+ if (pobj != NULL) {
+ _COSE_Encrypt_Release(pobj);
+ if (pIn == NULL)
+ COSE_FREE(pobj, context);
+ }
+ return NULL;
+ }
+
+ if (!_COSE_Init_From_Object(
+ &pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
@@ -122,7 +134,7 @@
_COSE_InsertInList(&EncryptRoot, &pobj->m_message);
- return(HCOSE_ENCRYPT) pobj;
+ return (HCOSE_ENCRYPT)pobj;
}
bool COSE_Encrypt_Free(HCOSE_ENCRYPT h)
@@ -130,9 +142,10 @@
#ifdef USE_CBOR_CONTEXT
cn_cbor_context *context;
#endif
- COSE_Encrypt * pEncrypt = (COSE_Encrypt *)h;
+ COSE_Encrypt *pEncrypt = (COSE_Encrypt *)h;
- if (!IsValidEncryptHandle(h)) return false;
+ if (!IsValidEncryptHandle(h))
+ return false;
#ifdef USE_CBOR_CONTEXT
context = &((COSE_Encrypt *)h)->m_message.m_allocContext;
@@ -141,7 +154,7 @@
_COSE_Encrypt_Release(pEncrypt);
_COSE_RemoveFromList(&EncryptRoot, &pEncrypt->m_message);
-
+
COSE_FREE((COSE_Encrypt *)h, context);
return true;
@@ -149,22 +162,27 @@
#endif
#if INCLUDE_ENCRYPT0 || INCLUDE_MAC0
-void _COSE_Encrypt_Release(COSE_Encrypt * p)
+void _COSE_Encrypt_Release(COSE_Encrypt *p)
{
- if (p->pbContent != NULL) COSE_FREE((void *) p->pbContent, &p->m_message.m_allocContext);
+ if (p->pbContent != NULL)
+ COSE_FREE((void *)p->pbContent, &p->m_message.m_allocContext);
_COSE_Release(&p->m_message);
}
#endif
#if INCLUDE_ENCRYPT0
-bool COSE_Encrypt_decrypt(HCOSE_ENCRYPT h, const byte * pbKey, size_t cbKey, cose_errback * perr)
+bool COSE_Encrypt_decrypt(HCOSE_ENCRYPT h,
+ const byte *pbKey,
+ size_t cbKey,
+ cose_errback *perr)
{
- COSE_Encrypt * pcose = (COSE_Encrypt *)h;
+ COSE_Encrypt *pcose = (COSE_Encrypt *)h;
bool f;
if (!IsValidEncryptHandle(h)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
@@ -172,46 +190,61 @@
return f;
}
-bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT h, const byte * pbKey, size_t cbKey, cose_errback * perr)
+bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT h,
+ const byte *pbKey,
+ size_t cbKey,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidEncryptHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(pbKey != NULL, COSE_ERR_INVALID_PARAMETER);
- return _COSE_Enveloped_encrypt((COSE_Encrypt *)h, pbKey, cbKey, "Encrypt0", perr);
+ return _COSE_Enveloped_encrypt(
+ (COSE_Encrypt *)h, pbKey, cbKey, "Encrypt0", perr);
errorReturn:
return false;
}
-const byte * COSE_Encrypt_GetContent(HCOSE_ENCRYPT h, size_t * pcbContent, cose_errback * perror)
+const byte *COSE_Encrypt_GetContent(HCOSE_ENCRYPT h,
+ size_t *pcbContent,
+ cose_errback *perror)
{
- COSE_Encrypt * cose = (COSE_Encrypt *) h;
- if (!IsValidEncryptHandle(h) || (pcbContent == NULL)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
- return false;
- }
+ COSE_Encrypt *cose = (COSE_Encrypt *)h;
+ if (!IsValidEncryptHandle(h) || (pcbContent == NULL)) {
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
+ return false;
+ }
- *pcbContent = cose->cbContent;
- return cose->pbContent;
+ *pcbContent = cose->cbContent;
+ return cose->pbContent;
}
-
-bool COSE_Encrypt_SetContent(HCOSE_ENCRYPT h, const byte * rgb, size_t cb, cose_errback * perror)
+bool COSE_Encrypt_SetContent(HCOSE_ENCRYPT h,
+ const byte *rgb,
+ size_t cb,
+ cose_errback *perror)
{
if (!IsValidEncryptHandle(h) || (rgb == NULL)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
return _COSE_Encrypt_SetContent((COSE_Encrypt *)h, rgb, cb, perror);
}
-bool _COSE_Encrypt_SetContent(COSE_Encrypt * cose, const byte * rgb, size_t cb, cose_errback * perror)
+bool _COSE_Encrypt_SetContent(COSE_Encrypt *cose,
+ const byte *rgb,
+ size_t cb,
+ cose_errback *perror)
{
- byte * pb;
- cose->pbContent = pb = (byte *)COSE_CALLOC(cb, 1, &cose->m_message.m_allocContext);
+ byte *pb;
+ cose->pbContent = pb =
+ (byte *)COSE_CALLOC(cb, 1, &cose->m_message.m_allocContext);
if (cose->pbContent == NULL) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
memcpy(pb, rgb, cb);
@@ -221,49 +254,65 @@
}
/*!
-* @brief Set the application external data for authentication
-*
-* Enveloped data objects support the authentication of external application
-* supplied data. This function is provided to supply that data to the library.
-*
-* The external data is not copied, nor will be it freed when the handle is released.
-*
-* @param hcose Handle for the COSE Enveloped data object
-* @param pbEternalData point to the external data
-* @param cbExternalData size of the external data
-* @param perr location to return errors
-* @return result of the operation.
-*/
+ * @brief Set the application external data for authentication
+ *
+ * Enveloped data objects support the authentication of external application
+ * supplied data. This function is provided to supply that data to the library.
+ *
+ * The external data is not copied, nor will be it freed when the handle is
+ * released.
+ *
+ * @param hcose Handle for the COSE Enveloped data object
+ * @param pbEternalData point to the external data
+ * @param cbExternalData size of the external data
+ * @param perr location to return errors
+ * @return result of the operation.
+ */
-bool COSE_Encrypt_SetExternal(HCOSE_ENCRYPT hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
+bool COSE_Encrypt_SetExternal(HCOSE_ENCRYPT hcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr)
{
if (!IsValidEncryptHandle(hcose)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
- return _COSE_SetExternal(&((COSE_Encrypt *)hcose)->m_message, pbExternalData, cbExternalData, perr);
+ return _COSE_SetExternal(&((COSE_Encrypt *)hcose)->m_message,
+ pbExternalData, cbExternalData, perr);
}
-cn_cbor * COSE_Encrypt_map_get_int(HCOSE_ENCRYPT h, int key, int flags, cose_errback * perror)
+cn_cbor *COSE_Encrypt_map_get_int(HCOSE_ENCRYPT h,
+ int key,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidEncryptHandle(h)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return NULL;
}
- return _COSE_map_get_int(&((COSE_Encrypt *)h)->m_message, key, flags, perror);
+ return _COSE_map_get_int(
+ &((COSE_Encrypt *)h)->m_message, key, flags, perror);
}
-
-bool COSE_Encrypt_map_put_int(HCOSE_ENCRYPT h, int key, cn_cbor * value, int flags, cose_errback * perror)
+bool COSE_Encrypt_map_put_int(HCOSE_ENCRYPT h,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidEncryptHandle(h) || (value == NULL)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
- return _COSE_map_put(&((COSE_Encrypt *)h)->m_message, key, value, flags, perror);
+ return _COSE_map_put(
+ &((COSE_Encrypt *)h)->m_message, key, value, flags, perror);
}
#endif
diff --git a/src/MacMessage.c b/src/MacMessage.c
index 0ee00a3..a051be5 100644
--- a/src/MacMessage.c
+++ b/src/MacMessage.c
@@ -1,6 +1,6 @@
/** \file MacMessage.c
-* Contains implementation of the functions related to HCOSE_MAC handle objects.
-*/
+ * Contains implementation of the functions related to HCOSE_MAC handle objects.
+ */
#include <stdlib.h>
#ifndef __MBED__
@@ -17,39 +17,40 @@
#if INCLUDE_MAC
-static COSE * MacRoot = NULL;
+static COSE *MacRoot = NULL;
/*! \private
-* @brief Test if a HCOSE_MAC handle is valid
-*
-* Internal function to test if a MAC message handle is valid.
-* This will start returning invalid results and cause the code to
-* crash if handles are not released before the memory that underlies them
-* is deallocated. This is an issue of a block allocator is used since
-* in that case it is common to allocate memory but never to de-allocate it
-* and just do that in a single big block.
-*
-* @param h handle to be validated
-* @returns result of check
-*/
+ * @brief Test if a HCOSE_MAC handle is valid
+ *
+ * Internal function to test if a MAC message handle is valid.
+ * This will start returning invalid results and cause the code to
+ * crash if handles are not released before the memory that underlies them
+ * is deallocated. This is an issue of a block allocator is used since
+ * in that case it is common to allocate memory but never to de-allocate it
+ * and just do that in a single big block.
+ *
+ * @param h handle to be validated
+ * @returns result of check
+ */
bool IsValidMacHandle(HCOSE_MAC h)
{
- COSE_MacMessage * p = (COSE_MacMessage *)h;
- return _COSE_IsInList(MacRoot, (COSE *) p);
+ COSE_MacMessage *p = (COSE_MacMessage *)h;
+ return _COSE_IsInList(MacRoot, (COSE *)p);
}
-
-HCOSE_MAC COSE_Mac_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_MAC COSE_Mac_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_MacMessage * pobj = NULL;
+ COSE_MacMessage *pobj = NULL;
CHECK_CONDITION(flags == COSE_INIT_FLAGS_NONE, COSE_ERR_INVALID_PARAMETER);
pobj = (COSE_MacMessage *)COSE_CALLOC(1, sizeof(COSE_MacMessage), context);
CHECK_CONDITION(pobj != NULL, COSE_ERR_OUT_OF_MEMORY);
- if (!_COSE_Init(flags, &pobj->m_message, COSE_mac_object, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init(flags, &pobj->m_message, COSE_mac_object,
+ CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
@@ -65,15 +66,20 @@
return NULL;
}
-HCOSE_MAC _COSE_Mac_Init_From_Object(cn_cbor * cbor, COSE_MacMessage * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_MAC _COSE_Mac_Init_From_Object(cn_cbor *cbor,
+ COSE_MacMessage *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_MacMessage * pobj = pIn;
- cn_cbor * pRecipients = NULL;
+ COSE_MacMessage *pobj = pIn;
+ cn_cbor *pRecipients = NULL;
// cn_cbor * tmp;
- cose_errback error = { COSE_ERR_NONE };
- if (perr == NULL) perr = &error;
+ cose_errback error = {COSE_ERR_NONE};
+ if (perr == NULL)
+ perr = &error;
- if (pobj == NULL) pobj = (COSE_MacMessage *)COSE_CALLOC(1, sizeof(COSE_MacMessage), context);
+ if (pobj == NULL)
+ pobj =
+ (COSE_MacMessage *)COSE_CALLOC(1, sizeof(COSE_MacMessage), context);
if (pobj == NULL) {
perr->err = COSE_ERR_OUT_OF_MEMORY;
errorReturn:
@@ -86,18 +92,22 @@
return NULL;
}
- if (!_COSE_Init_From_Object(&pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init_From_Object(
+ &pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
pRecipients = _COSE_arrayget_int(&pobj->m_message, INDEX_MAC_RECIPIENTS);
if (pRecipients != NULL) {
- CHECK_CONDITION(pRecipients->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ pRecipients->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
pRecipients = pRecipients->first_child;
while (pRecipients != NULL) {
- COSE_RecipientInfo * pInfo = _COSE_Recipient_Init_From_Object(pRecipients, CBOR_CONTEXT_PARAM_COMMA perr);
- if (pInfo == NULL) goto errorReturn;
+ COSE_RecipientInfo *pInfo = _COSE_Recipient_Init_From_Object(
+ pRecipients, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (pInfo == NULL)
+ goto errorReturn;
pInfo->m_recipientNext = pobj->m_recipientFirst;
pobj->m_recipientFirst = pInfo;
@@ -107,7 +117,7 @@
_COSE_InsertInList(&MacRoot, &pobj->m_message);
- return(HCOSE_MAC)pobj;
+ return (HCOSE_MAC)pobj;
}
bool COSE_Mac_Free(HCOSE_MAC h)
@@ -115,9 +125,10 @@
#ifdef USE_CBOR_CONTEXT
cn_cbor_context *context;
#endif
- COSE_MacMessage * p = (COSE_MacMessage *)h;
+ COSE_MacMessage *p = (COSE_MacMessage *)h;
- if (!IsValidMacHandle(h)) return false;
+ if (!IsValidMacHandle(h))
+ return false;
if (p->m_message.m_refCount > 1) {
p->m_message.m_refCount--;
@@ -137,12 +148,13 @@
return true;
}
-bool _COSE_Mac_Release(COSE_MacMessage * p)
+bool _COSE_Mac_Release(COSE_MacMessage *p)
{
- COSE_RecipientInfo * pRecipient;
- COSE_RecipientInfo * pRecipient2;
+ COSE_RecipientInfo *pRecipient;
+ COSE_RecipientInfo *pRecipient2;
- for (pRecipient = p->m_recipientFirst; pRecipient != NULL; pRecipient = pRecipient2) {
+ for (pRecipient = p->m_recipientFirst; pRecipient != NULL;
+ pRecipient = pRecipient2) {
pRecipient2 = pRecipient->m_recipientNext;
_COSE_Recipient_Free(pRecipient);
}
@@ -152,89 +164,114 @@
return true;
}
-
-bool COSE_Mac_SetContent(HCOSE_MAC cose, const byte * rgbContent, size_t cbContent, cose_errback * perr)
+bool COSE_Mac_SetContent(HCOSE_MAC cose,
+ const byte *rgbContent,
+ size_t cbContent,
+ cose_errback *perr)
{
- COSE_MacMessage * p = (COSE_MacMessage *)cose;
-#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &p->m_message.m_allocContext;
+ COSE_MacMessage *p = (COSE_MacMessage *)cose;
+#ifdef USE_CBOR_CONTEXT
+ cn_cbor_context *context = &p->m_message.m_allocContext;
#endif
- cn_cbor * ptmp = NULL;
+ cn_cbor *ptmp = NULL;
cn_cbor_errback cbor_error;
CHECK_CONDITION(IsValidMacHandle(cose), COSE_ERR_INVALID_PARAMETER);
- ptmp = cn_cbor_data_create(rgbContent, (int) cbContent, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ ptmp = cn_cbor_data_create(
+ rgbContent, (int)cbContent, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(_COSE_array_replace(&p->m_message, ptmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(_COSE_array_replace(&p->m_message, ptmp, INDEX_BODY,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
ptmp = NULL;
return true;
errorReturn:
- if (ptmp != NULL) CN_CBOR_FREE(ptmp, context);
+ if (ptmp != NULL)
+ CN_CBOR_FREE(ptmp, context);
return false;
}
/*!
-* @brief Set the application external data for authentication
-*
-* MAC data objects support the authentication of external application
-* supplied data. This function is provided to supply that data to the library.
-*
-* The external data is not copied, nor will be it freed when the handle is released.
-*
-* @param hcose Handle for the COSE MAC data object
-* @param pbEternalData point to the external data
-* @param cbExternalData size of the external data
-* @param perr location to return errors
-* @return result of the operation.
-*/
+ * @brief Set the application external data for authentication
+ *
+ * MAC data objects support the authentication of external application
+ * supplied data. This function is provided to supply that data to the library.
+ *
+ * The external data is not copied, nor will be it freed when the handle is
+ * released.
+ *
+ * @param hcose Handle for the COSE MAC data object
+ * @param pbEternalData point to the external data
+ * @param cbExternalData size of the external data
+ * @param perr location to return errors
+ * @return result of the operation.
+ */
-bool COSE_Mac_SetExternal(HCOSE_MAC hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
+bool COSE_Mac_SetExternal(HCOSE_MAC hcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr)
{
if (!IsValidMacHandle(hcose)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
- return _COSE_SetExternal(&((COSE_MacMessage *)hcose)->m_message, pbExternalData, cbExternalData, perr);
+ return _COSE_SetExternal(&((COSE_MacMessage *)hcose)->m_message,
+ pbExternalData, cbExternalData, perr);
}
-
-cn_cbor * COSE_Mac_map_get_int(HCOSE_MAC h, int key, int flags, cose_errback * perror)
+cn_cbor *COSE_Mac_map_get_int(HCOSE_MAC h,
+ int key,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidMacHandle(h)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return NULL;
}
- return _COSE_map_get_int(&((COSE_MacMessage *)h)->m_message, key, flags, perror);
+ return _COSE_map_get_int(
+ &((COSE_MacMessage *)h)->m_message, key, flags, perror);
}
-
-bool COSE_Mac_map_put_int(HCOSE_MAC h, int key, cn_cbor * value, int flags, cose_errback * perror)
+bool COSE_Mac_map_put_int(HCOSE_MAC h,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidMacHandle(h) || (value == NULL)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
- return _COSE_map_put(&((COSE_MacMessage *)h)->m_message, key, value, flags, perror);
+ return _COSE_map_put(
+ &((COSE_MacMessage *)h)->m_message, key, value, flags, perror);
}
#endif
#if INCLUDE_MAC || INCLUDE_MAC0
-bool _COSE_Mac_Build_AAD(COSE * pCose, const char * szContext, byte ** ppbAuthData, size_t * pcbAuthData, CBOR_CONTEXT_COMMA cose_errback * perr)
+bool _COSE_Mac_Build_AAD(COSE *pCose,
+ const char *szContext,
+ byte **ppbAuthData,
+ size_t *pcbAuthData,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- cn_cbor * pAuthData = NULL;
+ cn_cbor *pAuthData = NULL;
bool fRet = false;
cn_cbor_errback cbor_error;
- cn_cbor * ptmp = NULL;
- cn_cbor * pcn;
+ cn_cbor *ptmp = NULL;
+ cn_cbor *pcn;
size_t cbAuthData;
- byte * pbAuthData = NULL;
+ byte *pbAuthData = NULL;
// Build authenticated data
// Protected headers
@@ -246,21 +283,24 @@
// Add the context string
- ptmp = cn_cbor_string_create(szContext, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ ptmp =
+ cn_cbor_string_create(szContext, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
ptmp = NULL;
// Add the protected attributes
pcn = _COSE_arrayget_int(pCose, INDEX_PROTECTED);
- CHECK_CONDITION((pcn != NULL) && (pcn->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((pcn != NULL) && (pcn->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
if ((pcn->length == 1) && (pcn->v.bytes[0] == 0xa0)) {
ptmp = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
- }
- else {
- ptmp = cn_cbor_data_create(pcn->v.bytes, (int)pcn->length, CBOR_CONTEXT_PARAM_COMMA NULL);
+ } else {
+ ptmp = cn_cbor_data_create(
+ pcn->v.bytes, (int)pcn->length, CBOR_CONTEXT_PARAM_COMMA NULL);
}
CHECK_CONDITION(ptmp != NULL, COSE_ERR_CBOR);
@@ -269,16 +309,20 @@
// Add the external bytes
- ptmp = cn_cbor_data_create(pCose->m_pbExternal, (int) pCose->m_cbExternal, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ ptmp = cn_cbor_data_create(pCose->m_pbExternal, (int)pCose->m_cbExternal,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
ptmp = NULL;
// Add the content
pcn = _COSE_arrayget_int(pCose, INDEX_BODY);
- ptmp = cn_cbor_data_create(pcn->v.bytes, (int)pcn->length, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ ptmp = cn_cbor_data_create(
+ pcn->v.bytes, (int)pcn->length, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pAuthData, ptmp, &cbor_error), cbor_error);
ptmp = NULL;
// Turn it into bytes
@@ -286,7 +330,9 @@
CHECK_CONDITION(cbAuthData > 0, COSE_ERR_CBOR);
pbAuthData = (byte *)COSE_CALLOC(cbAuthData, 1, context);
CHECK_CONDITION(pbAuthData != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(cn_cbor_encoder_write(pbAuthData, 0, cbAuthData, pAuthData) == (ssize_t)cbAuthData, COSE_ERR_CBOR);
+ CHECK_CONDITION(cn_cbor_encoder_write(pbAuthData, 0, cbAuthData,
+ pAuthData) == (ssize_t)cbAuthData,
+ COSE_ERR_CBOR);
*ppbAuthData = pbAuthData;
*pcbAuthData = cbAuthData;
@@ -294,231 +340,26 @@
fRet = true;
errorReturn:
- if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if (pAuthData != NULL) CN_CBOR_FREE(pAuthData, context);
- if (ptmp != NULL) CN_CBOR_FREE(ptmp, context);
+ if (pbAuthData != NULL)
+ COSE_FREE(pbAuthData, context);
+ if (pAuthData != NULL)
+ CN_CBOR_FREE(pAuthData, context);
+ if (ptmp != NULL)
+ CN_CBOR_FREE(ptmp, context);
return fRet;
}
#endif
#if INCLUDE_MAC
-bool COSE_Mac_encrypt(HCOSE_MAC h, cose_errback * perr)
+bool COSE_Mac_encrypt(HCOSE_MAC h, cose_errback *perr)
{
- COSE_MacMessage * pcose = (COSE_MacMessage *)h;
+ COSE_MacMessage *pcose = (COSE_MacMessage *)h;
CHECK_CONDITION(IsValidMacHandle(h), COSE_ERR_INVALID_HANDLE);
- CHECK_CONDITION(pcose->m_recipientFirst != NULL, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ pcose->m_recipientFirst != NULL, COSE_ERR_INVALID_PARAMETER);
- return _COSE_Mac_compute(pcose, NULL, 0, "MAC", perr);
-
- errorReturn:
- return false;
-}
-#endif
-
-#if INCLUDE_MAC || INCLUDE_MAC0
-bool _COSE_Mac_compute(COSE_MacMessage * pcose, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
-{
- int alg;
- int t;
- COSE_RecipientInfo * pri;
- const cn_cbor * cn_Alg = NULL;
- byte * pbAuthData = NULL;
- size_t cbitKey;
-#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
-#endif
- bool fRet = false;
- size_t cbAuthData = 0;
- const byte * pbKey = NULL;
- byte * pbKeyNew = NULL;
- size_t cbKey = 0;
-
- cn_Alg = _COSE_map_get_int(&pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- if (cn_Alg == NULL) goto errorReturn;
- CHECK_CONDITION(cn_Alg->type != CN_CBOR_TEXT, COSE_ERR_UNKNOWN_ALGORITHM);
- CHECK_CONDITION(((cn_Alg->type == CN_CBOR_UINT || cn_Alg->type == CN_CBOR_INT)), COSE_ERR_INVALID_PARAMETER);
-
- alg = (int) cn_Alg->v.uint;
-
- // Get the key size
-
- switch (alg) {
-#ifdef USE_AES_CBC_MAC_128_64
- case COSE_Algorithm_CBC_MAC_128_64:
- cbitKey = 128;
- break;
-#endif
-
-#ifdef USE_AES_CBC_MAC_128_128
- case COSE_Algorithm_CBC_MAC_128_128:
- cbitKey = 128;
- break;
-#endif
-
-#ifdef USE_AES_CBC_MAC_256_64
- case COSE_Algorithm_CBC_MAC_256_64:
- cbitKey = 256;
- break;
-#endif
-
-#ifdef USE_AES_CBC_MAC_256_128
- case COSE_Algorithm_CBC_MAC_256_128:
- cbitKey = 256;
- break;
-#endif
-
-#ifdef USE_HMAC_256_64
- case COSE_Algorithm_HMAC_256_64:
- cbitKey = 256;
- break;
-#endif
-
-#ifdef USE_HMAC_256_256
- case COSE_Algorithm_HMAC_256_256:
- cbitKey = 256;
- break;
-#endif
-
-#ifdef USE_HMAC_384_384
- case COSE_Algorithm_HMAC_384_384:
- cbitKey = 384;
- break;
-#endif
-
-#ifdef USE_HMAC_512_512
- case COSE_Algorithm_HMAC_512_512:
- cbitKey = 512;
- break;
-#endif
-
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- }
-
- // If we are doing direct encryption - then recipient generates the key
-
- if (pbKeyIn != NULL) {
- CHECK_CONDITION(cbKeyIn == cbitKey / 8, COSE_ERR_INVALID_PARAMETER);
- pbKey = pbKeyIn;
- cbKey = cbKeyIn;
- }
- else {
- t = 0;
- for (pri = pcose->m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
- if (pri->m_encrypt.m_message.m_flags & 1) {
- CHECK_CONDITION(pbKey == NULL, COSE_ERR_INVALID_PARAMETER);
-
- t |= 1;
- pbKeyNew = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
- cbKey = cbitKey / 8;
- CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
- pbKey = pbKeyNew;
- }
- else {
- t |= 2;
- }
- }
- CHECK_CONDITION(t != 3, COSE_ERR_INVALID_PARAMETER);
-
- if (t == 2) {
- pbKeyNew = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
- CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
- pbKey = pbKeyNew;
- cbKey = cbitKey / 8;
- rand_bytes(pbKeyNew, cbKey);
- }
- }
-
- // Build protected headers
-
- const cn_cbor * cbProtected = _COSE_encode_protected(&pcose->m_message, perr);
- if (cbProtected == NULL) goto errorReturn;
-
- // Build authenticated data
-
- if (!_COSE_Mac_Build_AAD(&pcose->m_message, szContext, &pbAuthData, &cbAuthData, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
-
- switch (alg) {
-#ifdef USE_AES_CBC_MAC_128_64
- case COSE_Algorithm_CBC_MAC_128_64:
- if (!AES_CBC_MAC_Create(pcose, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
-#endif
-
-#ifdef USE_AES_CBC_MAC_256_64
- case COSE_Algorithm_CBC_MAC_256_64:
- if (!AES_CBC_MAC_Create(pcose, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
-#endif
-
-#ifdef USE_AES_CBC_MAC_128_128
- case COSE_Algorithm_CBC_MAC_128_128:
- if (!AES_CBC_MAC_Create(pcose, 128, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
-#endif
-
-#ifdef USE_AES_CBC_MAC_256_128
- case COSE_Algorithm_CBC_MAC_256_128:
- if (!AES_CBC_MAC_Create(pcose, 128, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
-#endif
-
-#ifdef USE_HMAC_256_64
- case COSE_Algorithm_HMAC_256_64:
- if (!HMAC_Create(pcose, 256, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
-#endif
-
-#ifdef USE_HMAC_256_256
- case COSE_Algorithm_HMAC_256_256:
- if (!HMAC_Create(pcose, 256, 256, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
-#endif
-
-#ifdef USE_HMAC_384_384
- case COSE_Algorithm_HMAC_384_384:
- if (!HMAC_Create(pcose, 384, 384, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
-#endif
-
-#ifdef USE_HMAC_512_512
- case COSE_Algorithm_HMAC_512_512:
- if (!HMAC_Create(pcose, 512, 512, pbKey, cbKey, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
-#endif
-
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- }
-
- for (pri = pcose->m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
- if (!_COSE_Recipient_encrypt(pri, pbKey, cbKey, perr)) goto errorReturn;
- }
-
- // Figure out the clean up
-
- fRet = true;
-
-errorReturn:
- if (pbKeyNew != NULL) {
- memset(pbKeyNew, 0, cbKey);
- COSE_FREE(pbKeyNew, context);
- }
- if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- return fRet;
-}
-#endif
-
-#if INCLUDE_MAC
-bool COSE_Mac_validate(HCOSE_MAC h, HCOSE_RECIPIENT hRecip, cose_errback * perr)
-{
- COSE_MacMessage * pcose = (COSE_MacMessage *)h;
- COSE_RecipientInfo * pRecip = (COSE_RecipientInfo *)hRecip;
-
- CHECK_CONDITION(IsValidMacHandle(h) && IsValidRecipientHandle(hRecip), COSE_ERR_INVALID_PARAMETER);
-
- return _COSE_Mac_validate(pcose, pRecip, NULL, 0, "MAC", perr);
+ return _COSE_Mac_compute(pcose, NULL, 0, "MAC", perr);
errorReturn:
return false;
@@ -526,35 +367,41 @@
#endif
#if INCLUDE_MAC || INCLUDE_MAC0
-bool _COSE_Mac_validate(COSE_MacMessage * pcose, COSE_RecipientInfo * pRecip, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr)
+bool _COSE_Mac_compute(COSE_MacMessage *pcose,
+ const byte *pbKeyIn,
+ size_t cbKeyIn,
+ const char *szContext,
+ cose_errback *perr)
{
- byte * pbAuthData = NULL;
- size_t cbitKey = 0;
- bool fRet = false;
-
int alg;
- const cn_cbor * cn = NULL;
- byte * pbKeyNew = NULL;
- const byte * pbKey = NULL;
+ int t;
+ COSE_RecipientInfo *pri;
+ const cn_cbor *cn_Alg = NULL;
+ byte *pbAuthData = NULL;
+ size_t cbitKey;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
- size_t cbAuthData;
+ bool fRet = false;
+ size_t cbAuthData = 0;
+ const byte *pbKey = NULL;
+ byte *pbKeyNew = NULL;
+ size_t cbKey = 0;
- CHECK_CONDITION(!((pRecip != NULL) && (pbKeyIn != NULL)), COSE_ERR_INTERNAL);
+ cn_Alg = _COSE_map_get_int(
+ &pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ if (cn_Alg == NULL)
+ goto errorReturn;
+ CHECK_CONDITION(cn_Alg->type != CN_CBOR_TEXT, COSE_ERR_UNKNOWN_ALGORITHM);
+ CHECK_CONDITION(
+ ((cn_Alg->type == CN_CBOR_UINT || cn_Alg->type == CN_CBOR_INT)),
+ COSE_ERR_INVALID_PARAMETER);
- cn = _COSE_map_get_int(&pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- if (cn == NULL) goto errorReturn;
+ alg = (int)cn_Alg->v.uint;
- if (cn->type == CN_CBOR_TEXT) {
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- }
- else {
- CHECK_CONDITION((cn->type == CN_CBOR_UINT || cn->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
+ // Get the key size
- alg = (int)cn->v.uint;
-
- switch (alg) {
+ switch (alg) {
#ifdef USE_AES_CBC_MAC_128_64
case COSE_Algorithm_CBC_MAC_128_64:
cbitKey = 128;
@@ -568,43 +415,286 @@
#endif
#ifdef USE_AES_CBC_MAC_256_64
- case COSE_Algorithm_CBC_MAC_256_64:
- cbitKey = 256;
+ case COSE_Algorithm_CBC_MAC_256_64:
+ cbitKey = 256;
break;
#endif
#ifdef USE_AES_CBC_MAC_256_128
- case COSE_Algorithm_CBC_MAC_256_128:
- cbitKey = 256;
+ case COSE_Algorithm_CBC_MAC_256_128:
+ cbitKey = 256;
break;
#endif
#ifdef USE_HMAC_256_64
- case COSE_Algorithm_HMAC_256_64:
- cbitKey = 256;
+ case COSE_Algorithm_HMAC_256_64:
+ cbitKey = 256;
break;
#endif
#ifdef USE_HMAC_256_256
- case COSE_Algorithm_HMAC_256_256:
- cbitKey = 256;
+ case COSE_Algorithm_HMAC_256_256:
+ cbitKey = 256;
break;
#endif
#ifdef USE_HMAC_384_384
- case COSE_Algorithm_HMAC_384_384:
- cbitKey = 384;
+ case COSE_Algorithm_HMAC_384_384:
+ cbitKey = 384;
break;
#endif
#ifdef USE_HMAC_512_512
- case COSE_Algorithm_HMAC_512_512:
- cbitKey = 512;
+ case COSE_Algorithm_HMAC_512_512:
+ cbitKey = 512;
break;
#endif
+
default:
FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ }
+
+ // If we are doing direct encryption - then recipient generates the key
+
+ if (pbKeyIn != NULL) {
+ CHECK_CONDITION(cbKeyIn == cbitKey / 8, COSE_ERR_INVALID_PARAMETER);
+ pbKey = pbKeyIn;
+ cbKey = cbKeyIn;
+ } else {
+ t = 0;
+ for (pri = pcose->m_recipientFirst; pri != NULL;
+ pri = pri->m_recipientNext) {
+ if (pri->m_encrypt.m_message.m_flags & 1) {
+ CHECK_CONDITION(pbKey == NULL, COSE_ERR_INVALID_PARAMETER);
+
+ t |= 1;
+ pbKeyNew =
+ _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
+ cbKey = cbitKey / 8;
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKey = pbKeyNew;
+ } else {
+ t |= 2;
+ }
+ }
+ CHECK_CONDITION(t != 3, COSE_ERR_INVALID_PARAMETER);
+
+ if (t == 2) {
+ pbKeyNew = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
+ CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbKey = pbKeyNew;
+ cbKey = cbitKey / 8;
+ rand_bytes(pbKeyNew, cbKey);
+ }
+ }
+
+ // Build protected headers
+
+ const cn_cbor *cbProtected =
+ _COSE_encode_protected(&pcose->m_message, perr);
+ if (cbProtected == NULL)
+ goto errorReturn;
+
+ // Build authenticated data
+
+ if (!_COSE_Mac_Build_AAD(&pcose->m_message, szContext, &pbAuthData,
+ &cbAuthData, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+
+ switch (alg) {
+#ifdef USE_AES_CBC_MAC_128_64
+ case COSE_Algorithm_CBC_MAC_128_64:
+ if (!AES_CBC_MAC_Create(
+ pcose, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
break;
+#endif
+
+#ifdef USE_AES_CBC_MAC_256_64
+ case COSE_Algorithm_CBC_MAC_256_64:
+ if (!AES_CBC_MAC_Create(
+ pcose, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
+#endif
+
+#ifdef USE_AES_CBC_MAC_128_128
+ case COSE_Algorithm_CBC_MAC_128_128:
+ if (!AES_CBC_MAC_Create(
+ pcose, 128, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
+#endif
+
+#ifdef USE_AES_CBC_MAC_256_128
+ case COSE_Algorithm_CBC_MAC_256_128:
+ if (!AES_CBC_MAC_Create(
+ pcose, 128, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
+#endif
+
+#ifdef USE_HMAC_256_64
+ case COSE_Algorithm_HMAC_256_64:
+ if (!HMAC_Create(
+ pcose, 256, 64, pbKey, cbKey, pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
+#endif
+
+#ifdef USE_HMAC_256_256
+ case COSE_Algorithm_HMAC_256_256:
+ if (!HMAC_Create(pcose, 256, 256, pbKey, cbKey, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
+#endif
+
+#ifdef USE_HMAC_384_384
+ case COSE_Algorithm_HMAC_384_384:
+ if (!HMAC_Create(pcose, 384, 384, pbKey, cbKey, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
+#endif
+
+#ifdef USE_HMAC_512_512
+ case COSE_Algorithm_HMAC_512_512:
+ if (!HMAC_Create(pcose, 512, 512, pbKey, cbKey, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
+#endif
+
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ }
+
+ for (pri = pcose->m_recipientFirst; pri != NULL;
+ pri = pri->m_recipientNext) {
+ if (!_COSE_Recipient_encrypt(pri, pbKey, cbKey, perr))
+ goto errorReturn;
+ }
+
+ // Figure out the clean up
+
+ fRet = true;
+
+errorReturn:
+ if (pbKeyNew != NULL) {
+ memset(pbKeyNew, 0, cbKey);
+ COSE_FREE(pbKeyNew, context);
+ }
+ if (pbAuthData != NULL)
+ COSE_FREE(pbAuthData, context);
+ return fRet;
+}
+#endif
+
+#if INCLUDE_MAC
+bool COSE_Mac_validate(HCOSE_MAC h, HCOSE_RECIPIENT hRecip, cose_errback *perr)
+{
+ COSE_MacMessage *pcose = (COSE_MacMessage *)h;
+ COSE_RecipientInfo *pRecip = (COSE_RecipientInfo *)hRecip;
+
+ CHECK_CONDITION(IsValidMacHandle(h) && IsValidRecipientHandle(hRecip),
+ COSE_ERR_INVALID_PARAMETER);
+
+ return _COSE_Mac_validate(pcose, pRecip, NULL, 0, "MAC", perr);
+
+errorReturn:
+ return false;
+}
+#endif
+
+#if INCLUDE_MAC || INCLUDE_MAC0
+bool _COSE_Mac_validate(COSE_MacMessage *pcose,
+ COSE_RecipientInfo *pRecip,
+ const byte *pbKeyIn,
+ size_t cbKeyIn,
+ const char *szContext,
+ cose_errback *perr)
+{
+ byte *pbAuthData = NULL;
+ size_t cbitKey = 0;
+ bool fRet = false;
+
+ int alg;
+ const cn_cbor *cn = NULL;
+ byte *pbKeyNew = NULL;
+ const byte *pbKey = NULL;
+#ifdef USE_CBOR_CONTEXT
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
+#endif
+ size_t cbAuthData;
+
+ CHECK_CONDITION(
+ !((pRecip != NULL) && (pbKeyIn != NULL)), COSE_ERR_INTERNAL);
+
+ cn = _COSE_map_get_int(
+ &pcose->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ if (cn == NULL)
+ goto errorReturn;
+
+ if (cn->type == CN_CBOR_TEXT) {
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ } else {
+ CHECK_CONDITION((cn->type == CN_CBOR_UINT || cn->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
+
+ alg = (int)cn->v.uint;
+
+ switch (alg) {
+#ifdef USE_AES_CBC_MAC_128_64
+ case COSE_Algorithm_CBC_MAC_128_64:
+ cbitKey = 128;
+ break;
+#endif
+
+#ifdef USE_AES_CBC_MAC_128_128
+ case COSE_Algorithm_CBC_MAC_128_128:
+ cbitKey = 128;
+ break;
+#endif
+
+#ifdef USE_AES_CBC_MAC_256_64
+ case COSE_Algorithm_CBC_MAC_256_64:
+ cbitKey = 256;
+ break;
+#endif
+
+#ifdef USE_AES_CBC_MAC_256_128
+ case COSE_Algorithm_CBC_MAC_256_128:
+ cbitKey = 256;
+ break;
+#endif
+
+#ifdef USE_HMAC_256_64
+ case COSE_Algorithm_HMAC_256_64:
+ cbitKey = 256;
+ break;
+#endif
+
+#ifdef USE_HMAC_256_256
+ case COSE_Algorithm_HMAC_256_256:
+ cbitKey = 256;
+ break;
+#endif
+
+#ifdef USE_HMAC_384_384
+ case COSE_Algorithm_HMAC_384_384:
+ cbitKey = 384;
+ break;
+#endif
+
+#ifdef USE_HMAC_512_512
+ case COSE_Algorithm_HMAC_512_512:
+ cbitKey = 512;
+ break;
+#endif
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ break;
}
}
@@ -613,8 +703,7 @@
if (pbKeyIn != NULL) {
CHECK_CONDITION(cbitKey / 8 == cbKeyIn, COSE_ERR_INVALID_PARAMETER);
pbKey = pbKeyIn;
- }
- else {
+ } else {
if (pbKeyNew == NULL) {
pbKeyNew = COSE_CALLOC(cbitKey / 8, 1, context);
CHECK_CONDITION(pbKeyNew != NULL, COSE_ERR_OUT_OF_MEMORY);
@@ -624,22 +713,28 @@
// If there is a recipient - ask it for the key
if (pRecip != NULL) {
- COSE_RecipientInfo * pRecipX;
+ COSE_RecipientInfo *pRecipX;
- for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL; pRecipX = pRecipX->m_recipientNext) {
+ for (pRecipX = pcose->m_recipientFirst; pRecipX != NULL;
+ pRecipX = pRecipX->m_recipientNext) {
if (pRecip == pRecipX) {
- if (!_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) goto errorReturn;
+ if (!_COSE_Recipient_decrypt(
+ pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr))
+ goto errorReturn;
break;
- }
- else if (pRecipX->m_encrypt.m_recipientFirst != NULL) {
- if (_COSE_Recipient_decrypt(pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr)) break;
+ } else if (pRecipX->m_encrypt.m_recipientFirst != NULL) {
+ if (_COSE_Recipient_decrypt(
+ pRecipX, pRecip, alg, cbitKey, pbKeyNew, perr))
+ break;
}
}
CHECK_CONDITION(pRecipX != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
- }
- else {
- for (pRecip = pcose->m_recipientFirst; pRecip != NULL; pRecip = pRecip->m_recipientNext) {
- if (_COSE_Recipient_decrypt(pRecip, NULL, alg, cbitKey, pbKeyNew, perr)) break;
+ } else {
+ for (pRecip = pcose->m_recipientFirst; pRecip != NULL;
+ pRecip = pRecip->m_recipientNext) {
+ if (_COSE_Recipient_decrypt(
+ pRecip, NULL, alg, cbitKey, pbKeyNew, perr))
+ break;
}
CHECK_CONDITION(pRecip != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
@@ -647,60 +742,78 @@
// Build authenticated data
- if (!_COSE_Mac_Build_AAD(&pcose->m_message, szContext, &pbAuthData, &cbAuthData, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ if (!_COSE_Mac_Build_AAD(&pcose->m_message, szContext, &pbAuthData,
+ &cbAuthData, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
switch (alg) {
#ifdef USE_HMAC_256_256
- case COSE_Algorithm_HMAC_256_256:
- if (!HMAC_Validate(pcose, 256, 256, pbKey, cbitKey/8, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_HMAC_256_256:
+ if (!HMAC_Validate(pcose, 256, 256, pbKey, cbitKey / 8, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_HMAC_256_64
- case COSE_Algorithm_HMAC_256_64:
- if (!HMAC_Validate(pcose, 256, 64, pbKey, cbitKey/8, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_HMAC_256_64:
+ if (!HMAC_Validate(pcose, 256, 64, pbKey, cbitKey / 8, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_HMAC_384_384
- case COSE_Algorithm_HMAC_384_384:
- if (!HMAC_Validate(pcose, 384, 384, pbKey, cbitKey/8, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_HMAC_384_384:
+ if (!HMAC_Validate(pcose, 384, 384, pbKey, cbitKey / 8, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_HMAC_512_512
- case COSE_Algorithm_HMAC_512_512:
- if (!HMAC_Validate(pcose, 512, 512, pbKey, cbitKey/8, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_HMAC_512_512:
+ if (!HMAC_Validate(pcose, 512, 512, pbKey, cbitKey / 8, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CBC_MAC_128_64
- case COSE_Algorithm_CBC_MAC_128_64:
- if (!AES_CBC_MAC_Validate(pcose, 64, pbKey, cbitKey / 8, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_CBC_MAC_128_64:
+ if (!AES_CBC_MAC_Validate(pcose, 64, pbKey, cbitKey / 8, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CBC_MAC_256_64
- case COSE_Algorithm_CBC_MAC_256_64:
- if (!AES_CBC_MAC_Validate(pcose, 64, pbKey, cbitKey/8, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_CBC_MAC_256_64:
+ if (!AES_CBC_MAC_Validate(pcose, 64, pbKey, cbitKey / 8, pbAuthData,
+ cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CBC_MAC_128_128
- case COSE_Algorithm_CBC_MAC_128_128:
- if (!AES_CBC_MAC_Validate(pcose, 128, pbKey, cbitKey / 8, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_CBC_MAC_128_128:
+ if (!AES_CBC_MAC_Validate(pcose, 128, pbKey, cbitKey / 8,
+ pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_AES_CBC_MAC_256_128
- case COSE_Algorithm_CBC_MAC_256_128:
- if (!AES_CBC_MAC_Validate(pcose, 128, pbKey, cbitKey/8, pbAuthData, cbAuthData, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_CBC_MAC_256_128:
+ if (!AES_CBC_MAC_Validate(pcose, 128, pbKey, cbitKey / 8,
+ pbAuthData, cbAuthData, perr))
+ goto errorReturn;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ break;
}
fRet = true;
@@ -716,14 +829,16 @@
#endif
#if INCLUDE_MAC
-bool COSE_Mac_AddRecipient(HCOSE_MAC hMac, HCOSE_RECIPIENT hRecip, cose_errback * perr)
+bool COSE_Mac_AddRecipient(HCOSE_MAC hMac,
+ HCOSE_RECIPIENT hRecip,
+ cose_errback *perr)
{
- COSE_RecipientInfo * pRecip;
- COSE_MacMessage * pMac;
- cn_cbor * pRecipients = NULL;
- cn_cbor * pRecipientsT = NULL;
+ COSE_RecipientInfo *pRecip;
+ COSE_MacMessage *pMac;
+ cn_cbor *pRecipients = NULL;
+ cn_cbor *pRecipientsT = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
+ cn_cbor_context *context = NULL;
#endif
cn_cbor_errback cbor_error;
@@ -738,33 +853,41 @@
#ifdef USE_CBOR_CONTEXT
context = &pMac->m_message.m_allocContext;
-#endif // USE_CBOR_CONTEXT
+#endif // USE_CBOR_CONTEXT
pRecipients = _COSE_arrayget_int(&pMac->m_message, INDEX_MAC_RECIPIENTS);
if (pRecipients == NULL) {
- pRecipientsT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pRecipientsT =
+ cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pRecipientsT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(_COSE_array_replace(&pMac->m_message, pRecipientsT, INDEX_MAC_RECIPIENTS, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ _COSE_array_replace(&pMac->m_message, pRecipientsT,
+ INDEX_MAC_RECIPIENTS, CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
pRecipients = pRecipientsT;
pRecipientsT = NULL;
}
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pRecipients, pRecip->m_encrypt.m_message.m_cbor, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_array_append(pRecipients,
+ pRecip->m_encrypt.m_message.m_cbor, &cbor_error),
+ cbor_error);
pRecip->m_encrypt.m_message.m_refCount++;
return true;
errorReturn:
- if (pRecipientsT == NULL) CN_CBOR_FREE(pRecipientsT, context);
+ if (pRecipientsT == NULL)
+ CN_CBOR_FREE(pRecipientsT, context);
return false;
}
-
-HCOSE_RECIPIENT COSE_Mac_GetRecipient(HCOSE_MAC cose, int iRecipient, cose_errback * perr)
+HCOSE_RECIPIENT COSE_Mac_GetRecipient(HCOSE_MAC cose,
+ int iRecipient,
+ cose_errback *perr)
{
int i;
- COSE_RecipientInfo * p;
+ COSE_RecipientInfo *p;
CHECK_CONDITION(IsValidMacHandle(cose), COSE_ERR_INVALID_PARAMETER);
@@ -773,7 +896,8 @@
CHECK_CONDITION(p != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
p = p->m_recipientNext;
}
- if (p != NULL) p->m_encrypt.m_message.m_refCount++;
+ if (p != NULL)
+ p->m_encrypt.m_message.m_refCount++;
return (HCOSE_RECIPIENT)p;
errorReturn:
diff --git a/src/MacMessage0.c b/src/MacMessage0.c
index 0f06095..1cc1293 100644
--- a/src/MacMessage0.c
+++ b/src/MacMessage0.c
@@ -1,6 +1,7 @@
/** \file MacMessage0.c
-* Contains implementation of the functions related to HCOSE_MAC0 handle objects.
-*/
+ * Contains implementation of the functions related to HCOSE_MAC0 handle
+ * objects.
+ */
#include <stdlib.h>
#ifndef __MBED__
@@ -17,38 +18,41 @@
#if INCLUDE_MAC0
-static COSE * Mac0Root = NULL;
+static COSE *Mac0Root = NULL;
/*! \private
-* @brief Test if a HCOSE_MAC0 handle is valid
-*
-* Internal function to test if a MAC0 message handle is valid.
-* This will start returning invalid results and cause the code to
-* crash if handles are not released before the memory that underlies them
-* is deallocated. This is an issue of a block allocator is used since
-* in that case it is common to allocate memory but never to de-allocate it
-* and just do that in a single big block.
-*
-* @param h handle to be validated
-* @returns result of check
-*/
+ * @brief Test if a HCOSE_MAC0 handle is valid
+ *
+ * Internal function to test if a MAC0 message handle is valid.
+ * This will start returning invalid results and cause the code to
+ * crash if handles are not released before the memory that underlies them
+ * is deallocated. This is an issue of a block allocator is used since
+ * in that case it is common to allocate memory but never to de-allocate it
+ * and just do that in a single big block.
+ *
+ * @param h handle to be validated
+ * @returns result of check
+ */
bool IsValidMac0Handle(HCOSE_MAC0 h)
{
- COSE_Mac0Message * p = (COSE_Mac0Message *)h;
- return _COSE_IsInList(Mac0Root, (COSE *) p);
+ COSE_Mac0Message *p = (COSE_Mac0Message *)h;
+ return _COSE_IsInList(Mac0Root, (COSE *)p);
}
-HCOSE_MAC0 COSE_Mac0_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_MAC0 COSE_Mac0_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_Mac0Message * pobj = NULL;
+ COSE_Mac0Message *pobj = NULL;
CHECK_CONDITION(flags == COSE_INIT_FLAGS_NONE, COSE_ERR_INVALID_PARAMETER);
- pobj = (COSE_Mac0Message *)COSE_CALLOC(1, sizeof(COSE_Mac0Message), context);
+ pobj =
+ (COSE_Mac0Message *)COSE_CALLOC(1, sizeof(COSE_Mac0Message), context);
CHECK_CONDITION(pobj != NULL, COSE_ERR_OUT_OF_MEMORY);
- if (!_COSE_Init(flags, &pobj->m_message, COSE_mac0_object, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init(flags, &pobj->m_message, COSE_mac0_object,
+ CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
@@ -64,15 +68,20 @@
return NULL;
}
-HCOSE_MAC0 _COSE_Mac0_Init_From_Object(cn_cbor * cbor, COSE_Mac0Message * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_MAC0 _COSE_Mac0_Init_From_Object(cn_cbor *cbor,
+ COSE_Mac0Message *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_Mac0Message * pobj = pIn;
- cn_cbor * pRecipients = NULL;
+ COSE_Mac0Message *pobj = pIn;
+ cn_cbor *pRecipients = NULL;
// cn_cbor * tmp;
- cose_errback error = { COSE_ERR_NONE };
- if (perr == NULL) perr = &error;
+ cose_errback error = {COSE_ERR_NONE};
+ if (perr == NULL)
+ perr = &error;
- if (pobj == NULL) pobj = (COSE_Mac0Message *)COSE_CALLOC(1, sizeof(COSE_Mac0Message), context);
+ if (pobj == NULL)
+ pobj = (COSE_Mac0Message *)COSE_CALLOC(
+ 1, sizeof(COSE_Mac0Message), context);
if (pobj == NULL) {
perr->err = COSE_ERR_OUT_OF_MEMORY;
errorReturn:
@@ -85,7 +94,8 @@
return NULL;
}
- if (!_COSE_Init_From_Object(&pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init_From_Object(
+ &pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
@@ -94,7 +104,7 @@
_COSE_InsertInList(&Mac0Root, &pobj->m_message);
- return(HCOSE_MAC0)pobj;
+ return (HCOSE_MAC0)pobj;
}
bool COSE_Mac0_Free(HCOSE_MAC0 h)
@@ -102,9 +112,10 @@
#ifdef USE_CBOR_CONTEXT
cn_cbor_context *context;
#endif
- COSE_Mac0Message * p = (COSE_Mac0Message *)h;
+ COSE_Mac0Message *p = (COSE_Mac0Message *)h;
- if (!IsValidMac0Handle(h)) return false;
+ if (!IsValidMac0Handle(h))
+ return false;
if (p->m_message.m_refCount > 1) {
p->m_message.m_refCount--;
@@ -124,87 +135,112 @@
return true;
}
-bool _COSE_Mac0_Release(COSE_Mac0Message * p)
+bool _COSE_Mac0_Release(COSE_Mac0Message *p)
{
_COSE_Release(&p->m_message);
return true;
}
-bool COSE_Mac0_SetContent(HCOSE_MAC0 cose, const byte * rgbContent, size_t cbContent, cose_errback * perr)
+bool COSE_Mac0_SetContent(HCOSE_MAC0 cose,
+ const byte *rgbContent,
+ size_t cbContent,
+ cose_errback *perr)
{
- COSE_Mac0Message * p = (COSE_Mac0Message *)cose;
-#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &p->m_message.m_allocContext;
+ COSE_Mac0Message *p = (COSE_Mac0Message *)cose;
+#ifdef USE_CBOR_CONTEXT
+ cn_cbor_context *context = &p->m_message.m_allocContext;
#endif
- cn_cbor * ptmp = NULL;
+ cn_cbor *ptmp = NULL;
cn_cbor_errback cbor_error;
CHECK_CONDITION(IsValidMac0Handle(cose), COSE_ERR_INVALID_PARAMETER);
- ptmp = cn_cbor_data_create(rgbContent, (int) cbContent, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ ptmp = cn_cbor_data_create(
+ rgbContent, (int)cbContent, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(_COSE_array_replace(&p->m_message, ptmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(_COSE_array_replace(&p->m_message, ptmp, INDEX_BODY,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
ptmp = NULL;
return true;
errorReturn:
- if (ptmp != NULL) CN_CBOR_FREE(ptmp, context);
+ if (ptmp != NULL)
+ CN_CBOR_FREE(ptmp, context);
return false;
}
/*!
-* @brief Set the application external data for authentication
-*
-* MAC data objects support the authentication of external application
-* supplied data. This function is provided to supply that data to the library.
-*
-* The external data is not copied, nor will be it freed when the handle is released.
-*
-* @param hcose Handle for the COSE MAC data object
-* @param pbEternalData point to the external data
-* @param cbExternalData size of the external data
-* @param perr location to return errors
-* @return result of the operation.
-*/
+ * @brief Set the application external data for authentication
+ *
+ * MAC data objects support the authentication of external application
+ * supplied data. This function is provided to supply that data to the library.
+ *
+ * The external data is not copied, nor will be it freed when the handle is
+ * released.
+ *
+ * @param hcose Handle for the COSE MAC data object
+ * @param pbEternalData point to the external data
+ * @param cbExternalData size of the external data
+ * @param perr location to return errors
+ * @return result of the operation.
+ */
-bool COSE_Mac0_SetExternal(HCOSE_MAC0 hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
+bool COSE_Mac0_SetExternal(HCOSE_MAC0 hcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr)
{
if (!IsValidMac0Handle(hcose)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
- return _COSE_SetExternal(&((COSE_Mac0Message *)hcose)->m_message, pbExternalData, cbExternalData, perr);
+ return _COSE_SetExternal(&((COSE_Mac0Message *)hcose)->m_message,
+ pbExternalData, cbExternalData, perr);
}
-cn_cbor * COSE_Mac0_map_get_int(HCOSE_MAC0 h, int key, int flags, cose_errback * perror)
+cn_cbor *COSE_Mac0_map_get_int(HCOSE_MAC0 h,
+ int key,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidMac0Handle(h)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return NULL;
}
- return _COSE_map_get_int(&((COSE_Mac0Message *)h)->m_message, key, flags, perror);
+ return _COSE_map_get_int(
+ &((COSE_Mac0Message *)h)->m_message, key, flags, perror);
}
-
-bool COSE_Mac0_map_put_int(HCOSE_MAC0 h, int key, cn_cbor * value, int flags, cose_errback * perror)
+bool COSE_Mac0_map_put_int(HCOSE_MAC0 h,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidMac0Handle(h) || (value == NULL)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_PARAMETER;
return false;
}
- return _COSE_map_put(&((COSE_Mac0Message *)h)->m_message, key, value, flags, perror);
+ return _COSE_map_put(
+ &((COSE_Mac0Message *)h)->m_message, key, value, flags, perror);
}
-
-bool COSE_Mac0_encrypt(HCOSE_MAC0 h, const byte * pbKey, size_t cbKey, cose_errback * perr)
+bool COSE_Mac0_encrypt(HCOSE_MAC0 h,
+ const byte *pbKey,
+ size_t cbKey,
+ cose_errback *perr)
{
- COSE_Mac0Message * pcose = (COSE_Mac0Message *)h;
+ COSE_Mac0Message *pcose = (COSE_Mac0Message *)h;
CHECK_CONDITION(IsValidMac0Handle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(pbKey != NULL, COSE_ERR_INVALID_PARAMETER);
@@ -215,9 +251,12 @@
return false;
}
-bool COSE_Mac0_validate(HCOSE_MAC0 h, const byte * pbKey, size_t cbKey, cose_errback * perr)
+bool COSE_Mac0_validate(HCOSE_MAC0 h,
+ const byte *pbKey,
+ size_t cbKey,
+ cose_errback *perr)
{
- COSE_Mac0Message * pcose = (COSE_Mac0Message *)h;
+ COSE_Mac0Message *pcose = (COSE_Mac0Message *)h;
CHECK_CONDITION(IsValidMac0Handle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(pbKey != NULL, COSE_ERR_INVALID_PARAMETER);
diff --git a/src/Recipient.c b/src/Recipient.c
index 8f103cb..b597a57 100644
--- a/src/Recipient.c
+++ b/src/Recipient.c
@@ -9,40 +9,50 @@
#include "crypto.h"
#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0 || INCLUDE_MAC || INCLUDE_MAC0
-static bool BuildContextBytes(COSE * pcose, int algID, size_t cbitKey, byte ** ppbContext, size_t * pcbContext, CBOR_CONTEXT_COMMA cose_errback * perr);
+static bool BuildContextBytes(COSE *pcose,
+ int algID,
+ size_t cbitKey,
+ byte **ppbContext,
+ size_t *pcbContext,
+ CBOR_CONTEXT_COMMA cose_errback *perr);
#endif
#if INCLUDE_ENCRYPT || INCLUDE_MAC
-static COSE* RecipientRoot = NULL;
+static COSE *RecipientRoot = NULL;
/*! \private
-* @brief Test if a HCOSE_RECIPIENT handle is valid
-*
-* Internal function to test if a recipient handle is valid.
-* This will start returning invalid results and cause the code to
-* crash if handles are not released before the memory that underlies them
-* is deallocated. This is an issue of a block allocator is used since
-* in that case it is common to allocate memory but never to de-allocate it
-* and just do that in a single big block.
-*
-* @param h handle to be validated
-* @returns result of check
-*/
+ * @brief Test if a HCOSE_RECIPIENT handle is valid
+ *
+ * Internal function to test if a recipient handle is valid.
+ * This will start returning invalid results and cause the code to
+ * crash if handles are not released before the memory that underlies them
+ * is deallocated. This is an issue of a block allocator is used since
+ * in that case it is common to allocate memory but never to de-allocate it
+ * and just do that in a single big block.
+ *
+ * @param h handle to be validated
+ * @returns result of check
+ */
bool IsValidRecipientHandle(HCOSE_RECIPIENT h)
{
- COSE_RecipientInfo * p = (COSE_RecipientInfo *)h;
+ COSE_RecipientInfo *p = (COSE_RecipientInfo *)h;
- if (p == NULL) return false;
+ if (p == NULL)
+ return false;
return _COSE_IsInList(RecipientRoot, &p->m_encrypt.m_message);
}
-HCOSE_RECIPIENT COSE_Recipient_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_RECIPIENT COSE_Recipient_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
CHECK_CONDITION(flags == COSE_INIT_FLAGS_NONE, COSE_ERR_INVALID_PARAMETER);
- COSE_RecipientInfo * pobj = (COSE_RecipientInfo *)COSE_CALLOC(1, sizeof(COSE_RecipientInfo), context);
+ COSE_RecipientInfo *pobj = (COSE_RecipientInfo *)COSE_CALLOC(
+ 1, sizeof(COSE_RecipientInfo), context);
CHECK_CONDITION(pobj != NULL, COSE_ERR_OUT_OF_MEMORY);
- if (!_COSE_Init(flags | COSE_INIT_FLAGS_NO_CBOR_TAG, &pobj->m_encrypt.m_message, COSE_recipient_object, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init(flags | COSE_INIT_FLAGS_NO_CBOR_TAG,
+ &pobj->m_encrypt.m_message, COSE_recipient_object,
+ CBOR_CONTEXT_PARAM_COMMA perr)) {
_COSE_Recipient_Free(pobj);
return NULL;
}
@@ -57,7 +67,7 @@
bool COSE_Recipient_Free(HCOSE_RECIPIENT hRecipient)
{
if (IsValidRecipientHandle(hRecipient)) {
- COSE_RecipientInfo * p = (COSE_RecipientInfo *)hRecipient;
+ COSE_RecipientInfo *p = (COSE_RecipientInfo *)hRecipient;
_COSE_RemoveFromList(&RecipientRoot, &p->m_encrypt.m_message);
_COSE_Recipient_Free(p);
@@ -67,34 +77,43 @@
return false;
}
-HCOSE_RECIPIENT COSE_Recipient_from_shared_secret(byte * rgbKey, int cbKey, byte * rgbKid, int cbKid, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_RECIPIENT COSE_Recipient_from_shared_secret(byte *rgbKey,
+ int cbKey,
+ byte *rgbKid,
+ int cbKid,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
HCOSE_RECIPIENT hRecipient = NULL;
hRecipient = COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA perr);
- if (hRecipient == NULL) goto errorReturn;
+ if (hRecipient == NULL)
+ goto errorReturn;
- if (!COSE_Recipient_SetKey_secret(hRecipient, rgbKey, cbKey, rgbKid, cbKid, perr)) goto errorReturn;
+ if (!COSE_Recipient_SetKey_secret(
+ hRecipient, rgbKey, cbKey, rgbKid, cbKid, perr))
+ goto errorReturn;
return hRecipient;
errorReturn:
- if (hRecipient != NULL) COSE_Recipient_Free(hRecipient);
+ if (hRecipient != NULL)
+ COSE_Recipient_Free(hRecipient);
return NULL;
}
-
-
-COSE_RecipientInfo * _COSE_Recipient_Init_From_Object(cn_cbor * cbor, CBOR_CONTEXT_COMMA cose_errback * perr)
+COSE_RecipientInfo *_COSE_Recipient_Init_From_Object(cn_cbor *cbor,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_RecipientInfo * pRecipient = NULL;
+ COSE_RecipientInfo *pRecipient = NULL;
- pRecipient = (COSE_RecipientInfo *)COSE_CALLOC(1, sizeof(COSE_RecipientInfo), context);
+ pRecipient = (COSE_RecipientInfo *)COSE_CALLOC(
+ 1, sizeof(COSE_RecipientInfo), context);
CHECK_CONDITION(pRecipient != NULL, COSE_ERR_OUT_OF_MEMORY);
CHECK_CONDITION(cbor->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
- if (_COSE_Enveloped_Init_From_Object(cbor, &pRecipient->m_encrypt, CBOR_CONTEXT_PARAM_COMMA perr) == NULL) {
+ if (_COSE_Enveloped_Init_From_Object(cbor, &pRecipient->m_encrypt,
+ CBOR_CONTEXT_PARAM_COMMA perr) == NULL) {
goto errorReturn;
}
@@ -103,11 +122,12 @@
return pRecipient;
errorReturn:
- if (pRecipient != NULL) _COSE_Recipient_Free(pRecipient);
+ if (pRecipient != NULL)
+ _COSE_Recipient_Free(pRecipient);
return NULL;
}
-void _COSE_Recipient_Free(COSE_RecipientInfo * pRecipient)
+void _COSE_Recipient_Free(COSE_RecipientInfo *pRecipient)
{
if (pRecipient->m_encrypt.m_message.m_refCount > 1) {
pRecipient->m_encrypt.m_message.m_refCount--;
@@ -123,100 +143,130 @@
#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0 || INCLUDE_MAC || INCLUDE_MAC0
#if defined(USE_HKDF_SHA2) || defined(USE_HKDF_AES)
/**
-* Perform an AES-CCM Decryption operation
-*
-* @param[in] COSE * Pointer to COSE Encryption context object
-* @param[in] int Alorithm key is being generated for
-* @param[in] cn_cbor * Private key
-* @param[in] cn_cbor * Public Key
-* @param[out] byte * Buffer to return new key in
-* @param[in] size_t Size of key to create in bits
-* @param[in] size_t Size of digest function
-* @param[in] cbor_context * Allocation context
-* @param[out] cose_errback * Returned error information
-* @return Did the function succeed?
-*/
+ * Perform an AES-CCM Decryption operation
+ *
+ * @param[in] COSE * Pointer to COSE Encryption context object
+ * @param[in] int Alorithm key is being generated for
+ * @param[in] cn_cbor * Private key
+ * @param[in] cn_cbor * Public Key
+ * @param[out] byte * Buffer to return new key in
+ * @param[in] size_t Size of key to create in bits
+ * @param[in] size_t Size of digest function
+ * @param[in] cbor_context * Allocation context
+ * @param[out] cose_errback * Returned error information
+ * @return Did the function succeed?
+ */
-static bool HKDF_X(COSE * pCose, bool fHMAC, bool fECDH, bool fStatic, bool fSend, int algResult, const cn_cbor * pKeyPrivate, const cn_cbor * pKeyPublic, byte * pbKey, size_t cbitKey, size_t cbitHash, CBOR_CONTEXT_COMMA cose_errback * perr)
+static bool HKDF_X(COSE *pCose,
+ bool fHMAC,
+ bool fECDH,
+ bool fStatic,
+ bool fSend,
+ int algResult,
+ const cn_cbor *pKeyPrivate,
+ const cn_cbor *pKeyPublic,
+ byte *pbKey,
+ size_t cbitKey,
+ size_t cbitHash,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- byte * pbContext = NULL;
+ byte *pbContext = NULL;
size_t cbContext;
bool fRet = false;
- const cn_cbor * cn;
+ const cn_cbor *cn;
byte rgbDigest[512 / 8];
size_t cbDigest;
- byte * pbSecret = NULL;
+ byte *pbSecret = NULL;
size_t cbSecret = 0;
- if (!BuildContextBytes(pCose, algResult, cbitKey, &pbContext, &cbContext, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
-
+ if (!BuildContextBytes(pCose, algResult, cbitKey, &pbContext, &cbContext,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
if (fECDH) {
#ifdef USE_ECDH
- cn_cbor * pkeyMessage;
+ cn_cbor *pkeyMessage;
if (pKeyPrivate != NULL) {
cn = cn_cbor_mapget_int(pKeyPrivate, COSE_Key_Type);
- CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_UINT), COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(cn->v.uint == COSE_Key_Type_EC2, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_UINT),
+ COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ cn->v.uint == COSE_Key_Type_EC2, COSE_ERR_INVALID_PARAMETER);
}
if (pKeyPublic != NULL) {
cn = cn_cbor_mapget_int(pKeyPublic, COSE_Key_Type);
- CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_UINT), COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(cn->v.uint == COSE_Key_Type_EC2, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_UINT),
+ COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ cn->v.uint == COSE_Key_Type_EC2, COSE_ERR_INVALID_PARAMETER);
}
if (fSend) {
CHECK_CONDITION(pKeyPublic != NULL, COSE_ERR_INVALID_PARAMETER);
- pkeyMessage = (cn_cbor *) pKeyPrivate;
+ pkeyMessage = (cn_cbor *)pKeyPrivate;
- if (!ECDH_ComputeSecret(pCose, &pkeyMessage, pKeyPublic, &pbSecret, &cbSecret, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ if (!ECDH_ComputeSecret(pCose, &pkeyMessage, pKeyPublic, &pbSecret,
+ &cbSecret, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
if (!fStatic && pkeyMessage->parent == NULL) {
- if (!_COSE_map_put(pCose, COSE_Header_ECDH_EPHEMERAL, pkeyMessage, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!_COSE_map_put(pCose, COSE_Header_ECDH_EPHEMERAL,
+ pkeyMessage, COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
}
- }
- else {
-
- pkeyMessage = _COSE_map_get_int(pCose, fStatic ? COSE_Header_ECDH_STATIC : COSE_Header_ECDH_EPHEMERAL, COSE_BOTH, perr);
+ } else {
+ pkeyMessage = _COSE_map_get_int(pCose,
+ fStatic ? COSE_Header_ECDH_STATIC : COSE_Header_ECDH_EPHEMERAL,
+ COSE_BOTH, perr);
CHECK_CONDITION(pkeyMessage != NULL, COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION(pKeyPrivate != NULL, COSE_ERR_INVALID_PARAMETER);
- if (!ECDH_ComputeSecret(pCose, (cn_cbor **)&pKeyPrivate, pkeyMessage, &pbSecret, &cbSecret, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ if (!ECDH_ComputeSecret(pCose, (cn_cbor **)&pKeyPrivate,
+ pkeyMessage, &pbSecret, &cbSecret,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
}
#else
- goto errorReturn;
+ goto errorReturn;
#endif
- }
- else {
+ } else {
CHECK_CONDITION(pKeyPrivate != NULL, COSE_ERR_INVALID_PARAMETER);
- cn = cn_cbor_mapget_int(pKeyPrivate, COSE_Key_Type);
- CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_UINT), COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(cn->v.uint == COSE_Key_Type_OCTET, COSE_ERR_INVALID_PARAMETER);
+ cn = cn_cbor_mapget_int(pKeyPrivate, COSE_Key_Type);
+ CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_UINT),
+ COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ cn->v.uint == COSE_Key_Type_OCTET, COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION(cn->v.sint == 4, COSE_ERR_INVALID_PARAMETER);
cn = cn_cbor_mapget_int(pKeyPrivate, -1);
- CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
- pbSecret = (byte *) cn->v.bytes;
+ CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
+ pbSecret = (byte *)cn->v.bytes;
cbSecret = cn->length;
}
if (fHMAC) {
#ifdef USE_HKDF_SHA2
- if (!HKDF_Extract(pCose, pbSecret, cbSecret, cbitHash, rgbDigest, &cbDigest, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ if (!HKDF_Extract(pCose, pbSecret, cbSecret, cbitHash, rgbDigest,
+ &cbDigest, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
- if (!HKDF_Expand(pCose, cbitHash, rgbDigest, cbDigest, pbContext, cbContext, pbKey, cbitKey / 8, perr)) goto errorReturn;
+ if (!HKDF_Expand(pCose, cbitHash, rgbDigest, cbDigest, pbContext,
+ cbContext, pbKey, cbitKey / 8, perr))
+ goto errorReturn;
#else
- goto errorReturn;
+ goto errorReturn;
#endif
- }
- else {
+ } else {
#ifdef USE_HKDF_AES
- if (!HKDF_AES_Expand(pCose, cbitHash, pbSecret, cbSecret, pbContext, cbContext, pbKey, cbitKey / 8, perr)) goto errorReturn;
+ if (!HKDF_AES_Expand(pCose, cbitHash, pbSecret, cbSecret, pbContext,
+ cbContext, pbKey, cbitKey / 8, perr))
+ goto errorReturn;
#else
- goto errorReturn;
+ goto errorReturn;
#endif
}
fRet = true;
@@ -227,28 +277,34 @@
COSE_FREE(pbSecret, context);
}
memset(rgbDigest, 0, sizeof(rgbDigest));
- if (pbContext != NULL) COSE_FREE(pbContext, context);
+ if (pbContext != NULL)
+ COSE_FREE(pbContext, context);
return fRet;
}
-#endif // defined(USE_HKDF_SHA2) || defined(USE_HKDF_AES)
+#endif // defined(USE_HKDF_SHA2) || defined(USE_HKDF_AES)
-bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, size_t cbitKeyOut, byte * pbKeyOut, cose_errback * perr)
+bool _COSE_Recipient_decrypt(COSE_RecipientInfo *pRecip,
+ COSE_RecipientInfo *pRecipUse,
+ int algIn,
+ size_t cbitKeyOut,
+ byte *pbKeyOut,
+ cose_errback *perr)
{
UNUSED(pRecipUse);
int alg;
- const cn_cbor * cn = NULL;
- COSE_RecipientInfo * pRecip2;
+ const cn_cbor *cn = NULL;
+ COSE_RecipientInfo *pRecip2;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context;
+ cn_cbor_context *context;
#endif
- byte * pbAuthData = NULL;
- byte * pbProtected = NULL;
- COSE_Enveloped * pcose = &pRecip->m_encrypt;
- cn_cbor * cnBody = NULL;
- byte * pbContext = NULL;
- byte * pbSecret = NULL;
+ byte *pbAuthData = NULL;
+ byte *pbProtected = NULL;
+ COSE_Enveloped *pcose = &pRecip->m_encrypt;
+ cn_cbor *cnBody = NULL;
+ byte *pbContext = NULL;
+ byte *pbSecret = NULL;
int cbKey2;
- byte * pbKeyX = NULL;
+ byte *pbKeyX = NULL;
int cbitKeyX = 0;
byte rgbKey[256 / 8];
@@ -258,122 +314,130 @@
UNUSED(pcose);
#endif
- cn = _COSE_map_get_int(&pRecip->m_encrypt.m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ cn = _COSE_map_get_int(
+ &pRecip->m_encrypt.m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
if (cn == NULL) {
errorReturn:
- if (pbContext != NULL) COSE_FREE(pbContext, context);
- if (pbProtected != NULL) COSE_FREE(pbProtected, context);
- if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if (pbSecret != NULL) COSE_FREE(pbSecret, context);
+ if (pbContext != NULL)
+ COSE_FREE(pbContext, context);
+ if (pbProtected != NULL)
+ COSE_FREE(pbProtected, context);
+ if (pbAuthData != NULL)
+ COSE_FREE(pbAuthData, context);
+ if (pbSecret != NULL)
+ COSE_FREE(pbSecret, context);
return false;
}
CHECK_CONDITION(cn->type != CN_CBOR_TEXT, COSE_ERR_UNKNOWN_ALGORITHM);
- CHECK_CONDITION((cn->type == CN_CBOR_UINT) || (cn->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((cn->type == CN_CBOR_UINT) || (cn->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
alg = (int)cn->v.uint;
CHECK_CONDITION(pbKeyOut != NULL, COSE_ERR_INVALID_PARAMETER);
switch (alg) {
- case COSE_Algorithm_Direct:
- CHECK_CONDITION(pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
- cn = cn_cbor_mapget_int(pRecip->m_pkey, -1);
- CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(((size_t)cn->length == cbitKeyOut / 8), COSE_ERR_INVALID_PARAMETER);
- memcpy(pbKeyOut, cn->v.bytes, cn->length);
+ case COSE_Algorithm_Direct:
+ CHECK_CONDITION(pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
+ cn = cn_cbor_mapget_int(pRecip->m_pkey, -1);
+ CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(((size_t)cn->length == cbitKeyOut / 8),
+ COSE_ERR_INVALID_PARAMETER);
+ memcpy(pbKeyOut, cn->v.bytes, cn->length);
- return true;
+ return true;
#ifdef USE_AES_KW_128
- case COSE_Algorithm_AES_KW_128:
- cbitKeyX = 128;
- break;
+ case COSE_Algorithm_AES_KW_128:
+ cbitKeyX = 128;
+ break;
#endif
#ifdef USE_AES_KW_192
- case COSE_Algorithm_AES_KW_192:
- cbitKeyX = 192;
- break;
+ case COSE_Algorithm_AES_KW_192:
+ cbitKeyX = 192;
+ break;
#endif
#ifdef USE_AES_KW_256
- case COSE_Algorithm_AES_KW_256:
- cbitKeyX = 192;
- break;
+ case COSE_Algorithm_AES_KW_256:
+ cbitKeyX = 192;
+ break;
#endif
#ifdef USE_Direct_HKDF_AES_128
- case COSE_Algorithm_Direct_HKDF_AES_128:
- break;
+ case COSE_Algorithm_Direct_HKDF_AES_128:
+ break;
#endif
#ifdef USE_Direct_HKDF_AES_256
- case COSE_Algorithm_Direct_HKDF_AES_256:
- break;
+ case COSE_Algorithm_Direct_HKDF_AES_256:
+ break;
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_256
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
- break;
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
+ break;
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_512
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
- break;
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
+ break;
#endif
#ifdef USE_ECDH_ES_HKDF_256
- case COSE_Algorithm_ECDH_ES_HKDF_256:
- break;
+ case COSE_Algorithm_ECDH_ES_HKDF_256:
+ break;
#endif
#ifdef USE_ECDH_ES_HKDF_512
- case COSE_Algorithm_ECDH_ES_HKDF_512:
- break;
+ case COSE_Algorithm_ECDH_ES_HKDF_512:
+ break;
#endif
#ifdef USE_ECDH_SS_HKDF_256
- case COSE_Algorithm_ECDH_SS_HKDF_256:
- break;
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
+ break;
#endif
#ifdef USE_ECDH_SS_HKDF_512
- case COSE_Algorithm_ECDH_SS_HKDF_512:
- break;
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
+ break;
#endif
#ifdef USE_ECDH_ES_A128KW
- case COSE_Algorithm_ECDH_ES_A128KW:
- break;
+ case COSE_Algorithm_ECDH_ES_A128KW:
+ break;
#endif
#ifdef USE_ECDH_ES_A192KW
- case COSE_Algorithm_ECDH_ES_A192KW:
- break;
+ case COSE_Algorithm_ECDH_ES_A192KW:
+ break;
#endif
#ifdef USE_ECDH_ES_A256KW
- case COSE_Algorithm_ECDH_ES_A256KW:
- break;
+ case COSE_Algorithm_ECDH_ES_A256KW:
+ break;
#endif
#ifdef USE_ECDH_SS_A128KW
- case COSE_Algorithm_ECDH_SS_A128KW:
- break;
+ case COSE_Algorithm_ECDH_SS_A128KW:
+ break;
#endif
#ifdef USE_ECDH_SS_A192KW
- case COSE_Algorithm_ECDH_SS_A192KW:
- break;
+ case COSE_Algorithm_ECDH_SS_A192KW:
+ break;
#endif
#ifdef USE_ECDH_SS_A256KW
- case COSE_Algorithm_ECDH_SS_A256KW:
- break;
+ case COSE_Algorithm_ECDH_SS_A256KW:
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ break;
}
if (pcose->m_recipientFirst != NULL) {
@@ -382,8 +446,11 @@
pbKeyX = COSE_CALLOC(cbitKeyX / 8, 1, context);
CHECK_CONDITION(pbKeyX != NULL, COSE_ERR_OUT_OF_MEMORY);
- for (pRecip2 = pcose->m_recipientFirst; pRecip2 != NULL; pRecip2 = pRecip->m_recipientNext) {
- if (_COSE_Recipient_decrypt(pRecip2, NULL, alg, cbitKeyX, pbKeyX, perr)) break;
+ for (pRecip2 = pcose->m_recipientFirst; pRecip2 != NULL;
+ pRecip2 = pRecip->m_recipientNext) {
+ if (_COSE_Recipient_decrypt(
+ pRecip2, NULL, alg, cbitKeyX, pbKeyX, perr))
+ break;
}
CHECK_CONDITION(pRecip2 != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
@@ -393,310 +460,393 @@
switch (alg) {
#ifdef USE_AES_KW_128
- case COSE_Algorithm_AES_KW_128:
- if (pbKeyX != NULL) {
- int x = cbitKeyOut / 8;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, pbKeyX, cbitKeyX, cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr)) goto errorReturn;
- }
- else {
- CHECK_CONDITION(pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
- int x = cbitKeyOut / 8;
- cn = cn_cbor_mapget_int(pRecip->m_pkey, -1);
- CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ case COSE_Algorithm_AES_KW_128:
+ if (pbKeyX != NULL) {
+ int x = cbitKeyOut / 8;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, pbKeyX, cbitKeyX,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr))
+ goto errorReturn;
+ } else {
+ CHECK_CONDITION(
+ pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
+ int x = cbitKeyOut / 8;
+ cn = cn_cbor_mapget_int(pRecip->m_pkey, -1);
+ CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, cn->v.bytes, cn->length * 8, cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr)) goto errorReturn;
- }
- break;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, cn->v.bytes,
+ cn->length * 8, cnBody->v.bytes, cnBody->length,
+ pbKeyOut, &x, perr))
+ goto errorReturn;
+ }
+ break;
#endif
#ifdef USE_AES_KW_192
- case COSE_Algorithm_AES_KW_192:
- if (pbKeyX != NULL) {
- int x = cbitKeyOut / 8;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, pbKeyX, cbitKeyX, cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr)) goto errorReturn;
- }
- else {
- CHECK_CONDITION(pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
- int x = cbitKeyOut / 8;
- cn = cn_cbor_mapget_int(pRecip->m_pkey, -1);
- CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ case COSE_Algorithm_AES_KW_192:
+ if (pbKeyX != NULL) {
+ int x = cbitKeyOut / 8;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, pbKeyX, cbitKeyX,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr))
+ goto errorReturn;
+ } else {
+ CHECK_CONDITION(
+ pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
+ int x = cbitKeyOut / 8;
+ cn = cn_cbor_mapget_int(pRecip->m_pkey, -1);
+ CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, cn->v.bytes, cn->length * 8, cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr)) goto errorReturn;
- }
- break;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, cn->v.bytes,
+ cn->length * 8, cnBody->v.bytes, cnBody->length,
+ pbKeyOut, &x, perr))
+ goto errorReturn;
+ }
+ break;
#endif
#ifdef USE_AES_KW_256
- case COSE_Algorithm_AES_KW_256:
- if (pbKeyX != NULL) {
- int x = cbitKeyOut / 8;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, pbKeyX, cbitKeyX, cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr)) goto errorReturn;
- }
- else {
- CHECK_CONDITION(pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
- int x = cbitKeyOut / 8;
- cn = cn_cbor_mapget_int(pRecip->m_pkey, -1);
- CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ case COSE_Algorithm_AES_KW_256:
+ if (pbKeyX != NULL) {
+ int x = cbitKeyOut / 8;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, pbKeyX, cbitKeyX,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr))
+ goto errorReturn;
+ } else {
+ CHECK_CONDITION(
+ pRecip->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
+ int x = cbitKeyOut / 8;
+ cn = cn_cbor_mapget_int(pRecip->m_pkey, -1);
+ CHECK_CONDITION((cn != NULL) && (cn->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, cn->v.bytes, cn->length * 8, cnBody->v.bytes, cnBody->length, pbKeyOut, &x, perr)) goto errorReturn;
- }
- break;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, cn->v.bytes,
+ cn->length * 8, cnBody->v.bytes, cnBody->length,
+ pbKeyOut, &x, perr))
+ goto errorReturn;
+ }
+ break;
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_256
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
- if (!HKDF_X(&pcose->m_message, true, false, false, false, algIn, pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
+ if (!HKDF_X(&pcose->m_message, true, false, false, false, algIn,
+ pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_512
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
- if (!HKDF_X(&pcose->m_message, true, false, false, false, algIn, pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 512, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
+ if (!HKDF_X(&pcose->m_message, true, false, false, false, algIn,
+ pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 512,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_Direct_HKDF_AES_128
- case COSE_Algorithm_Direct_HKDF_AES_128:
- if (!HKDF_X(&pcose->m_message, false, false, false, false, algIn, pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 128, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_Direct_HKDF_AES_128:
+ if (!HKDF_X(&pcose->m_message, false, false, false, false, algIn,
+ pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 128,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_Direct_HKDF_AES_256
- case COSE_Algorithm_Direct_HKDF_AES_256:
- if (!HKDF_X(&pcose->m_message, false, false, false, false, algIn, pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_Direct_HKDF_AES_256:
+ if (!HKDF_X(&pcose->m_message, false, false, false, false, algIn,
+ pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_ES_HKDF_256
- case COSE_Algorithm_ECDH_ES_HKDF_256:
- if (!HKDF_X(&pcose->m_message, true, true, false, false, algIn, pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_ES_HKDF_256:
+ if (!HKDF_X(&pcose->m_message, true, true, false, false, algIn,
+ pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_ES_HKDF_512
- case COSE_Algorithm_ECDH_ES_HKDF_512:
- if (!HKDF_X(&pcose->m_message, true, true, false, false, algIn, pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 512, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_ES_HKDF_512:
+ if (!HKDF_X(&pcose->m_message, true, true, false, false, algIn,
+ pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 512,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_SS_HKDF_256
- case COSE_Algorithm_ECDH_SS_HKDF_256:
- if (!HKDF_X(&pcose->m_message, true, true, true, false, algIn, pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
+ if (!HKDF_X(&pcose->m_message, true, true, true, false, algIn,
+ pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_SS_HKDF_512
- case COSE_Algorithm_ECDH_SS_HKDF_512:
- if (!HKDF_X(&pcose->m_message, true, true, true, false, algIn, pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 512, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
+ if (!HKDF_X(&pcose->m_message, true, true, true, false, algIn,
+ pRecip->m_pkey, NULL, pbKeyOut, cbitKeyOut, 512,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_ES_A128KW
- case COSE_Algorithm_ECDH_ES_A128KW:
- if (!HKDF_X(&pcose->m_message, true, true, false, false, COSE_Algorithm_AES_KW_128, pRecip->m_pkey, NULL, rgbKey, 128, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ case COSE_Algorithm_ECDH_ES_A128KW:
+ if (!HKDF_X(&pcose->m_message, true, true, false, false,
+ COSE_Algorithm_AES_KW_128, pRecip->m_pkey, NULL, rgbKey,
+ 128, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 128, cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr)) goto errorReturn;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 128,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr))
+ goto errorReturn;
- break;
+ break;
#endif
#ifdef USE_ECDH_ES_A192KW
- case COSE_Algorithm_ECDH_ES_A192KW:
- if (!HKDF_X(&pcose->m_message, true, true, false, false, COSE_Algorithm_AES_KW_192, pRecip->m_pkey, NULL, rgbKey, 192, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ case COSE_Algorithm_ECDH_ES_A192KW:
+ if (!HKDF_X(&pcose->m_message, true, true, false, false,
+ COSE_Algorithm_AES_KW_192, pRecip->m_pkey, NULL, rgbKey,
+ 192, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 192, cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr)) goto errorReturn;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 192,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr))
+ goto errorReturn;
- break;
+ break;
#endif
#ifdef USE_ECDH_ES_A256KW
- case COSE_Algorithm_ECDH_ES_A256KW:
- if (!HKDF_X(&pcose->m_message, true, true, false, false, COSE_Algorithm_AES_KW_256, pRecip->m_pkey, NULL, rgbKey, 256, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ case COSE_Algorithm_ECDH_ES_A256KW:
+ if (!HKDF_X(&pcose->m_message, true, true, false, false,
+ COSE_Algorithm_AES_KW_256, pRecip->m_pkey, NULL, rgbKey,
+ 256, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 256, cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr)) goto errorReturn;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 256,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr))
+ goto errorReturn;
- break;
+ break;
#endif
#ifdef USE_ECDH_SS_A128KW
- case COSE_Algorithm_ECDH_SS_A128KW:
- if (!HKDF_X(&pcose->m_message, true, true, true, false, COSE_Algorithm_AES_KW_128, pRecip->m_pkey, NULL, rgbKey, 128, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ case COSE_Algorithm_ECDH_SS_A128KW:
+ if (!HKDF_X(&pcose->m_message, true, true, true, false,
+ COSE_Algorithm_AES_KW_128, pRecip->m_pkey, NULL, rgbKey,
+ 128, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 128, cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr)) goto errorReturn;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 128,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr))
+ goto errorReturn;
- break;
+ break;
#endif
#ifdef USE_ECDH_SS_A192KW
- case COSE_Algorithm_ECDH_SS_A192KW:
- if (!HKDF_X(&pcose->m_message, true, true, true, false, COSE_Algorithm_AES_KW_192, pRecip->m_pkey, NULL, rgbKey, 192, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ case COSE_Algorithm_ECDH_SS_A192KW:
+ if (!HKDF_X(&pcose->m_message, true, true, true, false,
+ COSE_Algorithm_AES_KW_192, pRecip->m_pkey, NULL, rgbKey,
+ 192, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 192, cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr)) goto errorReturn;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 192,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr))
+ goto errorReturn;
- break;
+ break;
#endif
#ifdef USE_ECDH_SS_A256KW
- case COSE_Algorithm_ECDH_SS_A256KW:
- if (!HKDF_X(&pcose->m_message, true, true, true, false, COSE_Algorithm_AES_KW_256, pRecip->m_pkey, NULL, rgbKey, 256, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ case COSE_Algorithm_ECDH_SS_A256KW:
+ if (!HKDF_X(&pcose->m_message, true, true, true, false,
+ COSE_Algorithm_AES_KW_256, pRecip->m_pkey, NULL, rgbKey,
+ 256, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
- if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 256, cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr)) goto errorReturn;
+ if (!AES_KW_Decrypt((COSE_Enveloped *)pcose, rgbKey, 256,
+ cnBody->v.bytes, cnBody->length, pbKeyOut, &cbKey2, perr))
+ goto errorReturn;
- break;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ break;
}
return true;
}
-bool _COSE_Recipient_encrypt(COSE_RecipientInfo * pRecipient, const byte * pbContent, size_t cbContent, cose_errback * perr)
+bool _COSE_Recipient_encrypt(COSE_RecipientInfo *pRecipient,
+ const byte *pbContent,
+ size_t cbContent,
+ cose_errback *perr)
{
int alg;
int t = 0;
- COSE_RecipientInfo * pri;
- const cn_cbor * cn_Alg = NULL;
- byte * pbAuthData = NULL;
- cn_cbor * ptmp = NULL;
+ COSE_RecipientInfo *pri;
+ const cn_cbor *cn_Alg = NULL;
+ byte *pbAuthData = NULL;
+ cn_cbor *ptmp = NULL;
size_t cbitKey;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
+ cn_cbor_context *context = NULL;
#endif
cn_cbor_errback cbor_error;
bool fRet = false;
- byte * pbContext = NULL;
+ byte *pbContext = NULL;
byte rgbKey[256 / 8];
- byte * pbSecret = NULL;
- byte * pbKey = NULL;
+ byte *pbSecret = NULL;
+ byte *pbKey = NULL;
size_t cbKey = 0;
#ifdef USE_CBOR_CONTEXT
context = &pRecipient->m_encrypt.m_message.m_allocContext;
-#endif // USE_CBOR_CONTEXT
+#endif // USE_CBOR_CONTEXT
- cn_Alg = _COSE_map_get_int(&pRecipient->m_encrypt.m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- if (cn_Alg == NULL) goto errorReturn;
+ cn_Alg = _COSE_map_get_int(&pRecipient->m_encrypt.m_message,
+ COSE_Header_Algorithm, COSE_BOTH, perr);
+ if (cn_Alg == NULL)
+ goto errorReturn;
CHECK_CONDITION(cn_Alg->type != CN_CBOR_TEXT, COSE_ERR_UNKNOWN_ALGORITHM);
- CHECK_CONDITION((cn_Alg->type == CN_CBOR_UINT) || (cn_Alg->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ (cn_Alg->type == CN_CBOR_UINT) || (cn_Alg->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
alg = (int)cn_Alg->v.uint;
// Get the key size
switch (alg) {
- case COSE_Algorithm_Direct:
+ case COSE_Algorithm_Direct:
#ifdef USE_Direct_HKDF_HMAC_SHA_256
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_512
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
#endif
#ifdef USE_Direct_HKDF_AES_128
- case COSE_Algorithm_Direct_HKDF_AES_128:
+ case COSE_Algorithm_Direct_HKDF_AES_128:
#endif
#ifdef USE_Direct_HKDF_AES_256
- case COSE_Algorithm_Direct_HKDF_AES_256:
+ case COSE_Algorithm_Direct_HKDF_AES_256:
#endif
#ifdef USE_ECDH_ES_HKDF_256
- case COSE_Algorithm_ECDH_ES_HKDF_256:
+ case COSE_Algorithm_ECDH_ES_HKDF_256:
#endif
#ifdef USE_ECDH_ES_HKDF_512
- case COSE_Algorithm_ECDH_ES_HKDF_512:
+ case COSE_Algorithm_ECDH_ES_HKDF_512:
#endif
#ifdef USE_ECDH_SS_HKDF_256
- case COSE_Algorithm_ECDH_SS_HKDF_256:
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
#endif
#ifdef USE_ECDH_SS_HKDF_512
- case COSE_Algorithm_ECDH_SS_HKDF_512:
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
#endif
- // This is a NOOP
- cbitKey = 0;
- CHECK_CONDITION(pRecipient->m_encrypt.m_recipientFirst == NULL, COSE_ERR_INVALID_PARAMETER);
- break;
+ // This is a NOOP
+ cbitKey = 0;
+ CHECK_CONDITION(pRecipient->m_encrypt.m_recipientFirst == NULL,
+ COSE_ERR_INVALID_PARAMETER);
+ break;
#ifdef USE_AES_KW_128
- case COSE_Algorithm_AES_KW_128:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_AES_KW_128:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_ECDH_ES_A128KW
- case COSE_Algorithm_ECDH_ES_A128KW:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_ECDH_ES_A128KW:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_ECDH_SS_A128KW
- case COSE_Algorithm_ECDH_SS_A128KW:
- cbitKey = 128;
- break;
+ case COSE_Algorithm_ECDH_SS_A128KW:
+ cbitKey = 128;
+ break;
#endif
#ifdef USE_AES_KW_192
- case COSE_Algorithm_AES_KW_192:
- cbitKey = 192;
- break;
+ case COSE_Algorithm_AES_KW_192:
+ cbitKey = 192;
+ break;
#endif
#ifdef USE_ECDH_ES_A192KW
- case COSE_Algorithm_ECDH_ES_A192KW:
- cbitKey = 192;
- break;
+ case COSE_Algorithm_ECDH_ES_A192KW:
+ cbitKey = 192;
+ break;
#endif
#ifdef USE_ECDH_SS_A192KW
- case COSE_Algorithm_ECDH_SS_A192KW:
- cbitKey = 192;
- break;
+ case COSE_Algorithm_ECDH_SS_A192KW:
+ cbitKey = 192;
+ break;
#endif
#ifdef USE_AES_KW_256
- case COSE_Algorithm_AES_KW_256:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_AES_KW_256:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_ECDH_ES_A256KW
- case COSE_Algorithm_ECDH_ES_A256KW:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_ECDH_ES_A256KW:
+ cbitKey = 256;
+ break;
#endif
#ifdef USE_ECDH_SS_A256KW
- case COSE_Algorithm_ECDH_SS_A256KW:
- cbitKey = 256;
- break;
+ case COSE_Algorithm_ECDH_SS_A256KW:
+ cbitKey = 256;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
}
// If we are doing direct encryption - then recipient generates the key
if (pRecipient->m_encrypt.m_recipientFirst != NULL) {
t = 0;
- for (pri = pRecipient->m_encrypt.m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
+ for (pri = pRecipient->m_encrypt.m_recipientFirst; pri != NULL;
+ pri = pri->m_recipientNext) {
if (pri->m_encrypt.m_message.m_flags & 1) {
t |= 1;
- pbKey = _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
- if (pbKey == NULL) goto errorReturn;
+ pbKey =
+ _COSE_RecipientInfo_generateKey(pri, alg, cbitKey, perr);
+ if (pbKey == NULL)
+ goto errorReturn;
cbKey = cbitKey / 8;
- }
- else {
+ } else {
t |= 2;
}
}
CHECK_CONDITION(t != 3, COSE_ERR_INVALID_PARAMETER);
// Do we need to generate a random key at this point -
- // This is only true if we both haven't done it and and we have a recipient to encrypt it.
-
- if (t == 2) {
+ // This is only true if we both haven't done it and and we have a
+ // recipient to encrypt it.
+
+ if (t == 2) {
pbKey = (byte *)COSE_CALLOC(cbitKey / 8, 1, context);
CHECK_CONDITION(pbKey != NULL, COSE_ERR_OUT_OF_MEMORY);
cbKey = cbitKey / 8;
@@ -706,135 +856,185 @@
// Build protected headers
- const cn_cbor * cbProtected = _COSE_encode_protected(&pRecipient->m_encrypt.m_message, perr);
- if (cbProtected == NULL) goto errorReturn;
+ const cn_cbor *cbProtected =
+ _COSE_encode_protected(&pRecipient->m_encrypt.m_message, perr);
+ if (cbProtected == NULL)
+ goto errorReturn;
// Build authenticated data
size_t cbAuthData = 0;
- if (!_COSE_Encrypt_Build_AAD(&pRecipient->m_encrypt.m_message, &pbAuthData, &cbAuthData, "Recipient", perr)) goto errorReturn;
+ if (!_COSE_Encrypt_Build_AAD(&pRecipient->m_encrypt.m_message, &pbAuthData,
+ &cbAuthData, "Recipient", perr))
+ goto errorReturn;
switch (alg) {
-
- case COSE_Algorithm_Direct:
+ case COSE_Algorithm_Direct:
#ifdef USE_Direct_HKDF_HMAC_SHA_256
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_512
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
#endif
#ifdef USE_Direct_HKDF_AES_128
- case COSE_Algorithm_Direct_HKDF_AES_128:
+ case COSE_Algorithm_Direct_HKDF_AES_128:
#endif
#ifdef USE_Direct_HKDF_AES_256
- case COSE_Algorithm_Direct_HKDF_AES_256:
+ case COSE_Algorithm_Direct_HKDF_AES_256:
#endif
#ifdef USE_ECDH_ES_HKDF_256
- case COSE_Algorithm_ECDH_ES_HKDF_256:
+ case COSE_Algorithm_ECDH_ES_HKDF_256:
#endif
#ifdef USE_ECDH_ES_HKDF_512
- case COSE_Algorithm_ECDH_ES_HKDF_512:
+ case COSE_Algorithm_ECDH_ES_HKDF_512:
#endif
#ifdef USE_ECDH_SS_HKDF_256
- case COSE_Algorithm_ECDH_SS_HKDF_256:
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
#endif
#ifdef USE_ECDH_SS_HKDF_512
- case COSE_Algorithm_ECDH_SS_HKDF_512:
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
#endif
- ptmp = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(_COSE_array_replace(&pRecipient->m_encrypt.m_message, ptmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- ptmp = NULL;
- break;
-
+ ptmp = cn_cbor_data_create(
+ NULL, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ CHECK_CONDITION_CBOR(ptmp != NULL, cbor_error);
+ CHECK_CONDITION_CBOR(
+ _COSE_array_replace(&pRecipient->m_encrypt.m_message, ptmp,
+ INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
+ ptmp = NULL;
+ break;
#ifdef USE_AES_KW_128
- case COSE_Algorithm_AES_KW_128:
- if (pRecipient->m_pkey != NULL) {
- cn_cbor * pK = cn_cbor_mapget_int(pRecipient->m_pkey, -1);
- CHECK_CONDITION(pK != NULL, COSE_ERR_INVALID_PARAMETER);
- if (!AES_KW_Encrypt(pRecipient, pK->v.bytes, (int)pK->length * 8, pbContent, (int)cbContent, perr)) goto errorReturn;
- }
- else {
- if (!AES_KW_Encrypt(pRecipient, pbKey, (int)cbKey * 8, pbContent, (int)cbContent, perr)) goto errorReturn;
- }
- break;
+ case COSE_Algorithm_AES_KW_128:
+ if (pRecipient->m_pkey != NULL) {
+ cn_cbor *pK = cn_cbor_mapget_int(pRecipient->m_pkey, -1);
+ CHECK_CONDITION(pK != NULL, COSE_ERR_INVALID_PARAMETER);
+ if (!AES_KW_Encrypt(pRecipient, pK->v.bytes,
+ (int)pK->length * 8, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ } else {
+ if (!AES_KW_Encrypt(pRecipient, pbKey, (int)cbKey * 8,
+ pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ }
+ break;
#endif
#ifdef USE_AES_KW_192
- case COSE_Algorithm_AES_KW_192:
- if (pRecipient->m_pkey != NULL) {
- cn_cbor * pK = cn_cbor_mapget_int(pRecipient->m_pkey, -1);
- CHECK_CONDITION(pK != NULL, COSE_ERR_INVALID_PARAMETER);
- if (!AES_KW_Encrypt(pRecipient, pK->v.bytes, (int)pK->length * 8, pbContent, (int)cbContent, perr)) goto errorReturn;
- }
- else {
- if (!AES_KW_Encrypt(pRecipient, pbKey, (int)cbKey * 8, pbContent, (int)cbContent, perr)) goto errorReturn;
- }
- break;
+ case COSE_Algorithm_AES_KW_192:
+ if (pRecipient->m_pkey != NULL) {
+ cn_cbor *pK = cn_cbor_mapget_int(pRecipient->m_pkey, -1);
+ CHECK_CONDITION(pK != NULL, COSE_ERR_INVALID_PARAMETER);
+ if (!AES_KW_Encrypt(pRecipient, pK->v.bytes,
+ (int)pK->length * 8, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ } else {
+ if (!AES_KW_Encrypt(pRecipient, pbKey, (int)cbKey * 8,
+ pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ }
+ break;
#endif
#ifdef USE_AES_KW_256
- case COSE_Algorithm_AES_KW_256:
- if (pRecipient->m_pkey != NULL) {
- cn_cbor * pK = cn_cbor_mapget_int(pRecipient->m_pkey, -1);
- CHECK_CONDITION(pK != NULL, COSE_ERR_INVALID_PARAMETER);
- if (!AES_KW_Encrypt(pRecipient, pK->v.bytes, (int) pK->length*8, pbContent, (int) cbContent, perr)) goto errorReturn;
- }
- else {
- if (!AES_KW_Encrypt(pRecipient, pbKey, (int) cbKey*8, pbContent, (int) cbContent, perr)) goto errorReturn;
- }
- break;
+ case COSE_Algorithm_AES_KW_256:
+ if (pRecipient->m_pkey != NULL) {
+ cn_cbor *pK = cn_cbor_mapget_int(pRecipient->m_pkey, -1);
+ CHECK_CONDITION(pK != NULL, COSE_ERR_INVALID_PARAMETER);
+ if (!AES_KW_Encrypt(pRecipient, pK->v.bytes,
+ (int)pK->length * 8, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ } else {
+ if (!AES_KW_Encrypt(pRecipient, pbKey, (int)cbKey * 8,
+ pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ }
+ break;
#endif
#ifdef USE_ECDH_ES_A128KW
- case COSE_Algorithm_ECDH_ES_A128KW:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false, true, COSE_Algorithm_AES_KW_128, NULL, pRecipient->m_pkey, rgbKey, 128, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- if (!AES_KW_Encrypt(pRecipient, rgbKey, 128, pbContent, (int)cbContent, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_ES_A128KW:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false,
+ true, COSE_Algorithm_AES_KW_128, NULL, pRecipient->m_pkey,
+ rgbKey, 128, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ if (!AES_KW_Encrypt(
+ pRecipient, rgbKey, 128, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_ES_A192KW
- case COSE_Algorithm_ECDH_ES_A192KW:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false, true, COSE_Algorithm_AES_KW_192, NULL, pRecipient->m_pkey, rgbKey, 192, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- if (!AES_KW_Encrypt(pRecipient, rgbKey, 192, pbContent, (int)cbContent, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_ES_A192KW:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false,
+ true, COSE_Algorithm_AES_KW_192, NULL, pRecipient->m_pkey,
+ rgbKey, 192, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ if (!AES_KW_Encrypt(
+ pRecipient, rgbKey, 192, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_ES_A256KW
- case COSE_Algorithm_ECDH_ES_A256KW:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false, true, COSE_Algorithm_AES_KW_256, NULL, pRecipient->m_pkey, rgbKey, 256, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- if (!AES_KW_Encrypt(pRecipient, rgbKey, 256, pbContent, (int)cbContent, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_ES_A256KW:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false,
+ true, COSE_Algorithm_AES_KW_256, NULL, pRecipient->m_pkey,
+ rgbKey, 256, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ if (!AES_KW_Encrypt(
+ pRecipient, rgbKey, 256, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_SS_A128KW
- case COSE_Algorithm_ECDH_SS_A128KW:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true, true, COSE_Algorithm_AES_KW_128, pRecipient->m_pkeyStatic, pRecipient->m_pkey, rgbKey, 128, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- if (!AES_KW_Encrypt(pRecipient, rgbKey, 128, pbContent, (int)cbContent, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_SS_A128KW:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true,
+ true, COSE_Algorithm_AES_KW_128, pRecipient->m_pkeyStatic,
+ pRecipient->m_pkey, rgbKey, 128, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ if (!AES_KW_Encrypt(
+ pRecipient, rgbKey, 128, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_SS_A192KW
- case COSE_Algorithm_ECDH_SS_A192KW:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true, true, COSE_Algorithm_AES_KW_192, pRecipient->m_pkeyStatic, pRecipient->m_pkey, rgbKey, 192, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- if (!AES_KW_Encrypt(pRecipient, rgbKey, 192, pbContent, (int)cbContent, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_SS_A192KW:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true,
+ true, COSE_Algorithm_AES_KW_192, pRecipient->m_pkeyStatic,
+ pRecipient->m_pkey, rgbKey, 192, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ if (!AES_KW_Encrypt(
+ pRecipient, rgbKey, 192, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_SS_A256KW
- case COSE_Algorithm_ECDH_SS_A256KW:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true, true, COSE_Algorithm_AES_KW_256, pRecipient->m_pkeyStatic, pRecipient->m_pkey, rgbKey, 256, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- if (!AES_KW_Encrypt(pRecipient, rgbKey, 256, pbContent, (int)cbContent, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_SS_A256KW:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true,
+ true, COSE_Algorithm_AES_KW_256, pRecipient->m_pkeyStatic,
+ pRecipient->m_pkey, rgbKey, 256, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ if (!AES_KW_Encrypt(
+ pRecipient, rgbKey, 256, pbContent, (int)cbContent, perr))
+ goto errorReturn;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
- for (pri = pRecipient->m_encrypt.m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
- if (!_COSE_Recipient_encrypt(pri, pbKey, cbKey, perr)) goto errorReturn;
+ for (pri = pRecipient->m_encrypt.m_recipientFirst; pri != NULL;
+ pri = pri->m_recipientNext) {
+ if (!_COSE_Recipient_encrypt(pri, pbKey, cbKey, perr))
+ goto errorReturn;
}
// Figure out the clean up
@@ -847,27 +1047,37 @@
memset(pbKey, 0, cbKey);
COSE_FREE(pbKey, context);
}
- if (pbSecret != NULL) COSE_FREE(pbSecret, context);
- if (pbContext != NULL) COSE_FREE(pbContext, context);
- if (pbAuthData != NULL) COSE_FREE(pbAuthData, context);
- if (ptmp != NULL) cn_cbor_free(ptmp CBOR_CONTEXT_PARAM);
+ if (pbSecret != NULL)
+ COSE_FREE(pbSecret, context);
+ if (pbContext != NULL)
+ COSE_FREE(pbContext, context);
+ if (pbAuthData != NULL)
+ COSE_FREE(pbAuthData, context);
+ if (ptmp != NULL)
+ cn_cbor_free(ptmp CBOR_CONTEXT_PARAM);
return fRet;
}
-byte * _COSE_RecipientInfo_generateKey(COSE_RecipientInfo * pRecipient, int algIn, size_t cbitKeySize, cose_errback * perr)
+byte *_COSE_RecipientInfo_generateKey(COSE_RecipientInfo *pRecipient,
+ int algIn,
+ size_t cbitKeySize,
+ cose_errback *perr)
{
int alg;
- const cn_cbor * cn_Alg = _COSE_map_get_int(&pRecipient->m_encrypt.m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- byte * pbContext = NULL;
- byte * pb = NULL;
+ const cn_cbor *cn_Alg = _COSE_map_get_int(&pRecipient->m_encrypt.m_message,
+ COSE_Header_Algorithm, COSE_BOTH, perr);
+ byte *pbContext = NULL;
+ byte *pb = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pRecipient->m_encrypt.m_message.m_allocContext;
+ cn_cbor_context *context = &pRecipient->m_encrypt.m_message.m_allocContext;
#endif
- const cn_cbor * pK;
+ const cn_cbor *pK;
byte *pbSecret = NULL;
CHECK_CONDITION(cn_Alg != NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION((cn_Alg->type == CN_CBOR_UINT) || (cn_Alg->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ (cn_Alg->type == CN_CBOR_UINT) || (cn_Alg->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
alg = (int)cn_Alg->v.uint;
_COSE_encode_protected(&pRecipient->m_encrypt.m_message, perr);
@@ -876,93 +1086,131 @@
CHECK_CONDITION(pb != NULL, COSE_ERR_OUT_OF_MEMORY);
switch (alg) {
- case COSE_Algorithm_Direct:
- CHECK_CONDITION(pRecipient->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
+ case COSE_Algorithm_Direct:
+ CHECK_CONDITION(
+ pRecipient->m_pkey != NULL, COSE_ERR_INVALID_PARAMETER);
pK = cn_cbor_mapget_int(pRecipient->m_pkey, -1);
- CHECK_CONDITION((pK != NULL) && (pK->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION((size_t)pK->length == cbitKeySize / 8, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((pK != NULL) && (pK->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((size_t)pK->length == cbitKeySize / 8,
+ COSE_ERR_INVALID_PARAMETER);
memcpy(pb, pK->v.bytes, cbitKeySize / 8);
- break;
+ break;
#ifdef USE_Direct_HKDF_HMAC_SHA_256
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, false, false, true, algIn, pRecipient->m_pkey, NULL, pb, cbitKeySize, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, false, false,
+ true, algIn, pRecipient->m_pkey, NULL, pb, cbitKeySize, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_512
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, false, false, true, algIn, pRecipient->m_pkey, NULL, pb, cbitKeySize, 512, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, false, false,
+ true, algIn, pRecipient->m_pkey, NULL, pb, cbitKeySize, 512,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_Direct_HKDF_AES_128
- case COSE_Algorithm_Direct_HKDF_AES_128:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, false, false, false, true, algIn, pRecipient->m_pkey, NULL, pb, cbitKeySize, 128, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_Direct_HKDF_AES_128:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, false, false, false,
+ true, algIn, pRecipient->m_pkey, NULL, pb, cbitKeySize, 128,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_Direct_HKDF_AES_256
- case COSE_Algorithm_Direct_HKDF_AES_256:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, false, false, false, true, algIn, pRecipient->m_pkey, NULL, pb, cbitKeySize, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_Direct_HKDF_AES_256:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, false, false, false,
+ true, algIn, pRecipient->m_pkey, NULL, pb, cbitKeySize, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_ES_HKDF_256
- case COSE_Algorithm_ECDH_ES_HKDF_256:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false, true, algIn, NULL, pRecipient->m_pkey, pb, cbitKeySize, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_ES_HKDF_256:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false,
+ true, algIn, NULL, pRecipient->m_pkey, pb, cbitKeySize, 256,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_ES_HKDF_512
- case COSE_Algorithm_ECDH_ES_HKDF_512:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false, true, algIn, NULL, pRecipient->m_pkey, pb, cbitKeySize, 512, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_ES_HKDF_512:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, false,
+ true, algIn, NULL, pRecipient->m_pkey, pb, cbitKeySize, 512,
+ CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_SS_HKDF_256
- case COSE_Algorithm_ECDH_SS_HKDF_256:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true, true, algIn, pRecipient->m_pkeyStatic, pRecipient->m_pkey, pb, cbitKeySize, 256, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true,
+ true, algIn, pRecipient->m_pkeyStatic, pRecipient->m_pkey,
+ pb, cbitKeySize, 256, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDH_SS_HKDF_512
- case COSE_Algorithm_ECDH_SS_HKDF_512:
- if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true, true, algIn, pRecipient->m_pkeyStatic, pRecipient->m_pkey, pb, cbitKeySize, 512, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
+ if (!HKDF_X(&pRecipient->m_encrypt.m_message, true, true, true,
+ true, algIn, pRecipient->m_pkeyStatic, pRecipient->m_pkey,
+ pb, cbitKeySize, 512, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
- if (pbSecret != NULL) COSE_FREE(pbSecret, context);
- if (pbContext != NULL) COSE_FREE(pbContext, context);
+ if (pbSecret != NULL)
+ COSE_FREE(pbSecret, context);
+ if (pbContext != NULL)
+ COSE_FREE(pbContext, context);
return pb;
errorReturn:
- if (pbSecret != NULL) COSE_FREE(pbSecret, context);
- if (pbContext != NULL) COSE_FREE(pbContext, context);
- if (pb != NULL) COSE_FREE(pb, context);
+ if (pbSecret != NULL)
+ COSE_FREE(pbSecret, context);
+ if (pbContext != NULL)
+ COSE_FREE(pbContext, context);
+ if (pb != NULL)
+ COSE_FREE(pb, context);
return NULL;
}
#endif
#if INCLUDE_ENCRYPT || INCLUDE_MAC
-bool COSE_Recipient_SetKey_secret(HCOSE_RECIPIENT hRecipient, const byte * rgbKey, int cbKey, const byte * rgbKid, int cbKid, cose_errback * perr)
+bool COSE_Recipient_SetKey_secret(HCOSE_RECIPIENT hRecipient,
+ const byte *rgbKey,
+ int cbKey,
+ const byte *rgbKid,
+ int cbKid,
+ cose_errback *perr)
{
- COSE_RecipientInfo * p;
- cn_cbor * cn_Temp = NULL;
- cn_cbor * cnTemp = NULL;
+ COSE_RecipientInfo *p;
+ cn_cbor *cn_Temp = NULL;
+ cn_cbor *cnTemp = NULL;
cn_cbor_errback cbor_error;
- byte * pbTemp = NULL;
- byte * pbKey = NULL;
+ byte *pbTemp = NULL;
+ byte *pbKey = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
+ cn_cbor_context *context = NULL;
#endif
- CHECK_CONDITION(IsValidRecipientHandle(hRecipient), COSE_ERR_INVALID_HANDLE);
+ CHECK_CONDITION(
+ IsValidRecipientHandle(hRecipient), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(rgbKey != NULL, COSE_ERR_INVALID_PARAMETER);
p = (COSE_RecipientInfo *)hRecipient;
@@ -971,14 +1219,19 @@
context = &p->m_encrypt.m_message.m_allocContext;
#endif
- cn_cbor * cnAlg = _COSE_map_get_int(&p->m_encrypt.m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ cn_cbor *cnAlg = _COSE_map_get_int(
+ &p->m_encrypt.m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
if (cnAlg != NULL) {
- CHECK_CONDITION(cnAlg->type == CN_CBOR_INT && cnAlg->v.sint == COSE_Algorithm_Direct, COSE_ERR_INVALID_PARAMETER);
- }
- else {
- cn_Temp = cn_cbor_int_create(COSE_Algorithm_Direct, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ CHECK_CONDITION(cnAlg->type == CN_CBOR_INT &&
+ cnAlg->v.sint == COSE_Algorithm_Direct,
+ COSE_ERR_INVALID_PARAMETER);
+ } else {
+ cn_Temp = cn_cbor_int_create(
+ COSE_Algorithm_Direct, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn_Temp != NULL, cbor_error);
- if (!COSE_Recipient_map_put_int(hRecipient, COSE_Header_Algorithm, cn_Temp, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!COSE_Recipient_map_put_int(hRecipient, COSE_Header_Algorithm,
+ cn_Temp, COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
cn_Temp = NULL;
}
@@ -987,11 +1240,14 @@
CHECK_CONDITION(pbTemp != NULL, COSE_ERR_OUT_OF_MEMORY);
memcpy(pbTemp, rgbKid, cbKid);
- cnTemp = cn_cbor_data_create(pbTemp, cbKid, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnTemp = cn_cbor_data_create(
+ pbTemp, cbKid, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnTemp != NULL, cbor_error);
pbTemp = NULL;
- if (!COSE_Recipient_map_put_int(hRecipient, COSE_Header_KID, cnTemp, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!COSE_Recipient_map_put_int(
+ hRecipient, COSE_Header_KID, cnTemp, COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
}
pbKey = (byte *)COSE_CALLOC(cbKey, 1, context);
@@ -999,36 +1255,48 @@
memcpy(pbKey, rgbKey, cbKey);
- cn_Temp = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cn_Temp = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn_Temp != NULL, cbor_error);
- cnTemp = cn_cbor_int_create(4, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnTemp = cn_cbor_int_create(4, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnTemp != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn_Temp, COSE_Key_Type, cnTemp, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn_Temp, COSE_Key_Type, cnTemp,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
cnTemp = NULL;
- cnTemp = cn_cbor_data_create(pbKey, cbKey, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnTemp = cn_cbor_data_create(
+ pbKey, cbKey, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnTemp != NULL, cbor_error);
pbKey = NULL;
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn_Temp, -1, cnTemp, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn_Temp, -1, cnTemp,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
cnTemp = NULL;
- if (!COSE_Recipient_SetKey(hRecipient, cn_Temp, perr)) goto errorReturn;
+ if (!COSE_Recipient_SetKey(hRecipient, cn_Temp, perr))
+ goto errorReturn;
cn_Temp = NULL;
return true;
errorReturn:
- if (cn_Temp != NULL) CN_CBOR_FREE(cn_Temp, context);
- if (cnTemp != NULL) CN_CBOR_FREE(cnTemp, context);
- if (pbTemp != NULL) COSE_FREE(pbTemp, context);
- if (pbKey != NULL) COSE_FREE(pbKey, context);
+ if (cn_Temp != NULL)
+ CN_CBOR_FREE(cn_Temp, context);
+ if (cnTemp != NULL)
+ CN_CBOR_FREE(cnTemp, context);
+ if (pbTemp != NULL)
+ COSE_FREE(pbTemp, context);
+ if (pbKey != NULL)
+ COSE_FREE(pbKey, context);
return false;
}
-bool COSE_Recipient_SetKey(HCOSE_RECIPIENT h, const cn_cbor * pKey, cose_errback * perr)
+bool COSE_Recipient_SetKey(HCOSE_RECIPIENT h,
+ const cn_cbor *pKey,
+ cose_errback *perr)
{
- COSE_RecipientInfo * p;
+ COSE_RecipientInfo *p;
CHECK_CONDITION(IsValidRecipientHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(pKey != NULL, COSE_ERR_INVALID_PARAMETER);
@@ -1043,31 +1311,34 @@
}
/*!
-* @brief Set the senders static key for ECDH key agreement algorithms
-*
-* Set the Static private key to be used in computing ECDH key agreement
-* operation.
-*
-* Private portion of the key is not zeroed when the recipient object is
-* released.
-*
-* @param h Handle to the recipient object
-* @param pKey pointer to COSE key structure contiaing the private key
-* @param destination 0 - set nothing, 1 - set spk_kid, 2 - set spk
-* @param perr location for return of error code
-* @return true on success
-*/
+ * @brief Set the senders static key for ECDH key agreement algorithms
+ *
+ * Set the Static private key to be used in computing ECDH key agreement
+ * operation.
+ *
+ * Private portion of the key is not zeroed when the recipient object is
+ * released.
+ *
+ * @param h Handle to the recipient object
+ * @param pKey pointer to COSE key structure contiaing the private key
+ * @param destination 0 - set nothing, 1 - set spk_kid, 2 - set spk
+ * @param perr location for return of error code
+ * @return true on success
+ */
-bool COSE_Recipient_SetSenderKey(HCOSE_RECIPIENT h, const cn_cbor * pKey, int destination, cose_errback * perr)
+bool COSE_Recipient_SetSenderKey(HCOSE_RECIPIENT h,
+ const cn_cbor *pKey,
+ int destination,
+ cose_errback *perr)
{
- COSE_RecipientInfo * p;
+ COSE_RecipientInfo *p;
bool f = false;
- cn_cbor * cn;
- cn_cbor * cn2 = NULL;
- cn_cbor * cn3 = NULL;
+ cn_cbor *cn;
+ cn_cbor *cn2 = NULL;
+ cn_cbor *cn3 = NULL;
cn_cbor_errback cbor_err;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
+ cn_cbor_context *context = NULL;
#endif
CHECK_CONDITION(IsValidRecipientHandle(h), COSE_ERR_INVALID_HANDLE);
@@ -1080,129 +1351,157 @@
#endif
switch (destination) {
- case 0:
- break;
+ case 0:
+ break;
- case 1:
- cn = cn_cbor_mapget_int(pKey, COSE_Key_ID);
- CHECK_CONDITION(cn != NULL, COSE_ERR_INVALID_PARAMETER);
- cn2 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA &cbor_err);
- CHECK_CONDITION_CBOR(cn2 != NULL, cbor_err);
- CHECK_CONDITION(_COSE_map_put(&p->m_encrypt.m_message, COSE_Header_ECDH_SPK_KID, cn2, COSE_UNPROTECT_ONLY, perr), perr->err);
- cn2 = NULL;
- break;
+ case 1:
+ cn = cn_cbor_mapget_int(pKey, COSE_Key_ID);
+ CHECK_CONDITION(cn != NULL, COSE_ERR_INVALID_PARAMETER);
+ cn2 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA & cbor_err);
+ CHECK_CONDITION_CBOR(cn2 != NULL, cbor_err);
+ CHECK_CONDITION(
+ _COSE_map_put(&p->m_encrypt.m_message, COSE_Header_ECDH_SPK_KID,
+ cn2, COSE_UNPROTECT_ONLY, perr),
+ perr->err);
+ cn2 = NULL;
+ break;
- case 2:
- cn2 = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA &cbor_err);
- CHECK_CONDITION_CBOR(cn2 != NULL, cbor_err);
- cn = cn_cbor_mapget_int(pKey, COSE_Key_Type);
- CHECK_CONDITION(cn != NULL, COSE_ERR_INVALID_PARAMETER);
- cn3 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA &cbor_err);
- CHECK_CONDITION_CBOR(cn3 != NULL, cbor_err);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn2, COSE_Key_Type, cn3, CBOR_CONTEXT_PARAM_COMMA &cbor_err), cbor_err);
- cn3 = NULL;
- cn = cn_cbor_mapget_int(pKey, COSE_Key_EC2_Curve);
- cn3 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA &cbor_err);
- CHECK_CONDITION_CBOR(cn3 != NULL, cbor_err);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn2, COSE_Key_EC2_Curve, cn3, CBOR_CONTEXT_PARAM_COMMA &cbor_err), cbor_err);
- cn3 = NULL;
- cn = cn_cbor_mapget_int(pKey, COSE_Key_EC2_X);
- cn3 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA &cbor_err);
- CHECK_CONDITION_CBOR(cn3 != NULL, cbor_err);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn2, COSE_Key_EC2_X, cn3, CBOR_CONTEXT_PARAM_COMMA &cbor_err), cbor_err);
- cn3 = NULL;
- cn = cn_cbor_mapget_int(pKey, COSE_Key_EC2_Y);
- cn3 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA &cbor_err);
- CHECK_CONDITION_CBOR(cn3 != NULL, cbor_err);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn2, COSE_Key_EC2_Y, cn3, CBOR_CONTEXT_PARAM_COMMA &cbor_err), cbor_err);
- cn3 = NULL;
- CHECK_CONDITION(_COSE_map_put(&p->m_encrypt.m_message, COSE_Header_ECDH_SPK, cn2, COSE_UNPROTECT_ONLY, perr), perr->err);
- cn2 = NULL;
- break;
+ case 2:
+ cn2 = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & cbor_err);
+ CHECK_CONDITION_CBOR(cn2 != NULL, cbor_err);
+ cn = cn_cbor_mapget_int(pKey, COSE_Key_Type);
+ CHECK_CONDITION(cn != NULL, COSE_ERR_INVALID_PARAMETER);
+ cn3 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA & cbor_err);
+ CHECK_CONDITION_CBOR(cn3 != NULL, cbor_err);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn2, COSE_Key_Type, cn3,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_err),
+ cbor_err);
+ cn3 = NULL;
+ cn = cn_cbor_mapget_int(pKey, COSE_Key_EC2_Curve);
+ cn3 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA & cbor_err);
+ CHECK_CONDITION_CBOR(cn3 != NULL, cbor_err);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn2, COSE_Key_EC2_Curve,
+ cn3, CBOR_CONTEXT_PARAM_COMMA & cbor_err),
+ cbor_err);
+ cn3 = NULL;
+ cn = cn_cbor_mapget_int(pKey, COSE_Key_EC2_X);
+ cn3 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA & cbor_err);
+ CHECK_CONDITION_CBOR(cn3 != NULL, cbor_err);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn2, COSE_Key_EC2_X, cn3,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_err),
+ cbor_err);
+ cn3 = NULL;
+ cn = cn_cbor_mapget_int(pKey, COSE_Key_EC2_Y);
+ cn3 = cn_cbor_clone(cn, CBOR_CONTEXT_PARAM_COMMA & cbor_err);
+ CHECK_CONDITION_CBOR(cn3 != NULL, cbor_err);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(cn2, COSE_Key_EC2_Y, cn3,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_err),
+ cbor_err);
+ cn3 = NULL;
+ CHECK_CONDITION(
+ _COSE_map_put(&p->m_encrypt.m_message, COSE_Header_ECDH_SPK,
+ cn2, COSE_UNPROTECT_ONLY, perr),
+ perr->err);
+ cn2 = NULL;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
p->m_pkeyStatic = pKey;
f = true;
errorReturn:
- if (cn2 != NULL) CN_CBOR_FREE(cn2, context);
- if (cn3 != NULL) CN_CBOR_FREE(cn3, context);
+ if (cn2 != NULL)
+ CN_CBOR_FREE(cn2, context);
+ if (cn3 != NULL)
+ CN_CBOR_FREE(cn3, context);
return f;
}
/*!
-* @brief Set the application external data for authentication
-*
-* Recipient data objects support the authentication of external application
-* supplied data. This function is provided to supply that data to the library.
-*
-* The external data is not copied, nor will be it freed when the handle is released.
-*
-* @param hcose Handle for the COSE recipient data object
-* @param pbEternalData point to the external data
-* @param cbExternalData size of the external data
-* @param perr location to return errors
-* @return result of the operation.
-*/
+ * @brief Set the application external data for authentication
+ *
+ * Recipient data objects support the authentication of external application
+ * supplied data. This function is provided to supply that data to the library.
+ *
+ * The external data is not copied, nor will be it freed when the handle is
+ * released.
+ *
+ * @param hcose Handle for the COSE recipient data object
+ * @param pbEternalData point to the external data
+ * @param cbExternalData size of the external data
+ * @param perr location to return errors
+ * @return result of the operation.
+ */
-bool COSE_Recipient_SetExternal(HCOSE_RECIPIENT hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
+bool COSE_Recipient_SetExternal(HCOSE_RECIPIENT hcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr)
{
if (!IsValidRecipientHandle(hcose)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_HANDLE;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_HANDLE;
return false;
}
- return _COSE_SetExternal(&((COSE_RecipientInfo *)hcose)->m_encrypt.m_message, pbExternalData, cbExternalData, perr);
+ return _COSE_SetExternal(
+ &((COSE_RecipientInfo *)hcose)->m_encrypt.m_message, pbExternalData,
+ cbExternalData, perr);
}
-
-bool COSE_Recipient_map_put_int(HCOSE_RECIPIENT h, int key, cn_cbor * value, int flags, cose_errback * perr)
+bool COSE_Recipient_map_put_int(HCOSE_RECIPIENT h,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidRecipientHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(value != NULL, COSE_ERR_INVALID_PARAMETER);
- if (!_COSE_map_put(&((COSE_RecipientInfo *)h)->m_encrypt.m_message, key, value, flags, perr)) return false;
+ if (!_COSE_map_put(&((COSE_RecipientInfo *)h)->m_encrypt.m_message, key,
+ value, flags, perr))
+ return false;
if (key == COSE_Header_Algorithm) {
if (value->type == CN_CBOR_INT) {
switch (value->v.uint) {
- case COSE_Algorithm_Direct:
+ case COSE_Algorithm_Direct:
#ifdef USE_Direct_HKDF_AES_128
- case COSE_Algorithm_Direct_HKDF_AES_128:
+ case COSE_Algorithm_Direct_HKDF_AES_128:
#endif
#ifdef USE_Direct_HKDF_AES_256
- case COSE_Algorithm_Direct_HKDF_AES_256:
+ case COSE_Algorithm_Direct_HKDF_AES_256:
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_256
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_512
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
#endif
#ifdef USE_ECDH_ES_HKDF_256
- case COSE_Algorithm_ECDH_ES_HKDF_256:
+ case COSE_Algorithm_ECDH_ES_HKDF_256:
#endif
#ifdef USE_ECDH_ES_HKDF_512
- case COSE_Algorithm_ECDH_ES_HKDF_512:
+ case COSE_Algorithm_ECDH_ES_HKDF_512:
#endif
#ifdef USE_ECDH_SS_HKDF_256
- case COSE_Algorithm_ECDH_SS_HKDF_256:
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
#endif
#ifdef USE_ECDH_SS_HKDF_512
- case COSE_Algorithm_ECDH_SS_HKDF_512:
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
#endif
- ((COSE_RecipientInfo *)h)->m_encrypt.m_message.m_flags |= 1;
- break;
+ ((COSE_RecipientInfo *)h)->m_encrypt.m_message.m_flags |= 1;
+ break;
- default:
- ((COSE_RecipientInfo *)h)->m_encrypt.m_message.m_flags &= ~1;
- break;
+ default:
+ ((COSE_RecipientInfo *)h)->m_encrypt.m_message.m_flags &=
+ ~1;
+ break;
}
- }
- else {
+ } else {
((COSE_RecipientInfo *)h)->m_encrypt.m_message.m_flags &= ~1;
}
}
@@ -1215,131 +1514,154 @@
#endif
#if INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0 || INCLUDE_MAC || INCLUDE_MAC0
-static bool BuildContextBytes(COSE * pcose, int algID, size_t cbitKey, byte ** ppbContext, size_t * pcbContext, CBOR_CONTEXT_COMMA cose_errback * perr)
+static bool BuildContextBytes(COSE *pcose,
+ int algID,
+ size_t cbitKey,
+ byte **ppbContext,
+ size_t *pcbContext,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- cn_cbor * pArray;
+ cn_cbor *pArray;
cn_cbor_errback cbor_error;
bool fReturn = false;
- cn_cbor * cnT = NULL;
- cn_cbor * cnArrayT = NULL;
- cn_cbor * cnParam;
- byte * pbContext = NULL;
+ cn_cbor *cnT = NULL;
+ cn_cbor *cnArrayT = NULL;
+ cn_cbor *cnParam;
+ byte *pbContext = NULL;
- pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pArray != NULL, cbor_error);
- cnT = cn_cbor_int_create(algID, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_int_create(algID, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cnT, &cbor_error), cbor_error);
cnT = NULL;
- cnArrayT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnArrayT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnArrayT != NULL, cbor_error);
cnParam = _COSE_map_get_int(pcose, COSE_Header_KDF_U_name, COSE_BOTH, perr);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- }
- else cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ } else
+ cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
- cnParam = _COSE_map_get_int(pcose, COSE_Header_KDF_U_nonce, COSE_BOTH, perr);
+ cnParam =
+ _COSE_map_get_int(pcose, COSE_Header_KDF_U_nonce, COSE_BOTH, perr);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- }
- else cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ } else
+ cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
- cnParam = _COSE_map_get_int(pcose, COSE_Header_KDF_U_other, COSE_BOTH, perr);
+ cnParam =
+ _COSE_map_get_int(pcose, COSE_Header_KDF_U_other, COSE_BOTH, perr);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- }
- else cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ } else
+ cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cnArrayT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cnArrayT, &cbor_error), cbor_error);
cnArrayT = NULL;
- cnArrayT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnArrayT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnArrayT != NULL, cbor_error);
cnParam = _COSE_map_get_int(pcose, COSE_Header_KDF_V_name, COSE_BOTH, perr);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- }
- else cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ } else
+ cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
- cnParam = _COSE_map_get_int(pcose, COSE_Header_KDF_V_nonce, COSE_BOTH, perr);
+ cnParam =
+ _COSE_map_get_int(pcose, COSE_Header_KDF_V_nonce, COSE_BOTH, perr);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- }
- else cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ } else
+ cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
- cnParam = _COSE_map_get_int(pcose, COSE_Header_KDF_V_other, COSE_BOTH, perr);
+ cnParam =
+ _COSE_map_get_int(pcose, COSE_Header_KDF_V_other, COSE_BOTH, perr);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- }
- else cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ } else
+ cnT = cn_cbor_null_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cnArrayT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cnArrayT, &cbor_error), cbor_error);
cnArrayT = NULL;
- cnArrayT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnArrayT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnArrayT != NULL, cbor_error);
- cnT = cn_cbor_int_create(cbitKey, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_int_create(cbitKey, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = _COSE_arrayget_int(pcose, INDEX_PROTECTED);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
}
- cnParam = _COSE_map_get_int(pcose, COSE_Header_KDF_PUB_other, COSE_BOTH, perr);
+ cnParam =
+ _COSE_map_get_int(pcose, COSE_Header_KDF_PUB_other, COSE_BOTH, perr);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(cnArrayT, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
}
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cnArrayT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cnArrayT, &cbor_error), cbor_error);
cnArrayT = NULL;
-
cnParam = _COSE_map_get_int(pcose, COSE_Header_KDF_PRIV, COSE_BOTH, perr);
if (cnParam != NULL) {
- cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cnT = cn_cbor_clone(cnParam, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cnT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cnT, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cnT, &cbor_error), cbor_error);
cnT = NULL;
cnParam = NULL;
}
@@ -1348,7 +1670,9 @@
CHECK_CONDITION(cbContext > 0, COSE_ERR_CBOR);
pbContext = (byte *)COSE_CALLOC(cbContext, 1, context);
CHECK_CONDITION(pbContext != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(cn_cbor_encoder_write(pbContext, 0, cbContext, pArray) == (ssize_t)cbContext, COSE_ERR_CBOR);
+ CHECK_CONDITION(cn_cbor_encoder_write(pbContext, 0, cbContext, pArray) ==
+ (ssize_t)cbContext,
+ COSE_ERR_CBOR);
*ppbContext = pbContext;
*pcbContext = cbContext;
@@ -1356,10 +1680,14 @@
fReturn = true;
returnHere:
- if (pbContext != NULL) COSE_FREE(pbContext, context);
- if (pArray != NULL) CN_CBOR_FREE(pArray, context);
- if (cnArrayT != NULL) CN_CBOR_FREE(cnArrayT, context);
- if (cnT != NULL) CN_CBOR_FREE(cnT, context);
+ if (pbContext != NULL)
+ COSE_FREE(pbContext, context);
+ if (pArray != NULL)
+ CN_CBOR_FREE(pArray, context);
+ if (cnArrayT != NULL)
+ CN_CBOR_FREE(cnArrayT, context);
+ if (cnT != NULL)
+ CN_CBOR_FREE(cnT, context);
return fReturn;
errorReturn:
@@ -1370,31 +1698,38 @@
#if INCLUDE_ENCRYPT || INCLUDE_MAC
/*! brief Retrieve header parameter from a recipient structure
-*
-* Retrieve a header parameter from the message.
-* Retrieved object is the same as the one in the message - do not delete it
-*
-* @param[in] h Handle of recipient object
-* @param[in] key Key to look for
-* @param[in] flags What buckets should we look for the message
-* @param[out] perror Location to return error codes
-* @return Object which is found or NULL
-*/
+ *
+ * Retrieve a header parameter from the message.
+ * Retrieved object is the same as the one in the message - do not delete it
+ *
+ * @param[in] h Handle of recipient object
+ * @param[in] key Key to look for
+ * @param[in] flags What buckets should we look for the message
+ * @param[out] perror Location to return error codes
+ * @return Object which is found or NULL
+ */
-cn_cbor * COSE_Recipient_map_get_int(HCOSE_RECIPIENT h, int key, int flags, cose_errback * perror)
+cn_cbor *COSE_Recipient_map_get_int(HCOSE_RECIPIENT h,
+ int key,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidRecipientHandle(h)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_HANDLE;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_HANDLE;
return NULL;
}
- return _COSE_map_get_int(&((COSE_RecipientInfo *)h)->m_encrypt.m_message, key, flags, perror);
+ return _COSE_map_get_int(
+ &((COSE_RecipientInfo *)h)->m_encrypt.m_message, key, flags, perror);
}
-HCOSE_RECIPIENT COSE_Recipient_GetRecipient(HCOSE_RECIPIENT cose, int iRecipient, cose_errback * perr)
+HCOSE_RECIPIENT COSE_Recipient_GetRecipient(HCOSE_RECIPIENT cose,
+ int iRecipient,
+ cose_errback *perr)
{
int i;
- COSE_RecipientInfo * p = NULL;
+ COSE_RecipientInfo *p = NULL;
CHECK_CONDITION(IsValidRecipientHandle(cose), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(iRecipient >= 0, COSE_ERR_INVALID_PARAMETER);
@@ -1404,19 +1739,22 @@
CHECK_CONDITION(p != NULL, COSE_ERR_INVALID_PARAMETER);
p = p->m_recipientNext;
}
- if (p != NULL) p->m_encrypt.m_message.m_refCount++;
+ if (p != NULL)
+ p->m_encrypt.m_message.m_refCount++;
errorReturn:
return (HCOSE_RECIPIENT)p;
}
-bool COSE_Recipient_AddRecipient(HCOSE_RECIPIENT hEnc, HCOSE_RECIPIENT hRecip, cose_errback * perr)
+bool COSE_Recipient_AddRecipient(HCOSE_RECIPIENT hEnc,
+ HCOSE_RECIPIENT hRecip,
+ cose_errback *perr)
{
- COSE_RecipientInfo * pRecip;
- COSE_Enveloped * pEncrypt;
- cn_cbor * pRecipients = NULL;
+ COSE_RecipientInfo *pRecip;
+ COSE_Enveloped *pEncrypt;
+ cn_cbor *pRecipients = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context;
+ cn_cbor_context *context;
#endif
cn_cbor_errback cbor_error;
@@ -1428,24 +1766,29 @@
#ifdef USE_CBOR_CONTEXT
context = &pEncrypt->m_message.m_allocContext;
-#endif // USE_CBOR_CONTEXT
+#endif // USE_CBOR_CONTEXT
pRecip->m_recipientNext = pEncrypt->m_recipientFirst;
pEncrypt->m_recipientFirst = pRecip;
pRecipients = _COSE_arrayget_int(&pEncrypt->m_message, INDEX_RECIPIENTS);
if (pRecipients == NULL) {
- pRecipients = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pRecipients =
+ cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pRecipients != NULL, cbor_error);
- if (!_COSE_array_replace(&pEncrypt->m_message, pRecipients, INDEX_RECIPIENTS, CBOR_CONTEXT_PARAM_COMMA &cbor_error)) {
+ if (!_COSE_array_replace(&pEncrypt->m_message, pRecipients,
+ INDEX_RECIPIENTS, CBOR_CONTEXT_PARAM_COMMA & cbor_error)) {
CN_CBOR_FREE(pRecipients, context);
- if (perr != NULL) perr->err = _MapFromCBOR(cbor_error);
+ if (perr != NULL)
+ perr->err = _MapFromCBOR(cbor_error);
goto errorReturn;
}
}
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pRecipients, pRecip->m_encrypt.m_message.m_cbor, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_array_append(pRecipients,
+ pRecip->m_encrypt.m_message.m_cbor, &cbor_error),
+ cbor_error);
pRecip->m_encrypt.m_message.m_refCount++;
diff --git a/src/Sign.c b/src/Sign.c
index d0190aa..f4d3c23 100644
--- a/src/Sign.c
+++ b/src/Sign.c
@@ -1,6 +1,7 @@
/** \file Sign.c
-* Contains implementation of the functions related to HCOSE_SIGN handle objects.
-*/
+ * Contains implementation of the functions related to HCOSE_SIGN handle
+ * objects.
+ */
#include <stdlib.h>
@@ -10,45 +11,48 @@
#if INCLUDE_SIGN
-static COSE * SignRoot = NULL;
+static COSE *SignRoot = NULL;
/*! \private
-* @brief Test if a HCOSE_SIGN handle is valid
-*
-* Internal function to test if a sign handle is valid.
-* This will start returning invalid results and cause the code to
-* crash if handles are not released before the memory that underlies them
-* is deallocated. This is an issue of a block allocator is used since
-* in that case it is common to allocate memory but never to de-allocate it
-* and just do that in a single big block.
-*
-* @param h handle to be validated
-* @returns result of check
-*/
+ * @brief Test if a HCOSE_SIGN handle is valid
+ *
+ * Internal function to test if a sign handle is valid.
+ * This will start returning invalid results and cause the code to
+ * crash if handles are not released before the memory that underlies them
+ * is deallocated. This is an issue of a block allocator is used since
+ * in that case it is common to allocate memory but never to de-allocate it
+ * and just do that in a single big block.
+ *
+ * @param h handle to be validated
+ * @returns result of check
+ */
static bool IsValidSignHandle(HCOSE_SIGN h)
{
- COSE_SignMessage * p = (COSE_SignMessage *)h;
+ COSE_SignMessage *p = (COSE_SignMessage *)h;
- if (p == NULL) return false;
- return _COSE_IsInList(SignRoot, (COSE *) p);
+ if (p == NULL)
+ return false;
+ return _COSE_IsInList(SignRoot, (COSE *)p);
}
-
/** Allocate a SIGN message structure.
-*
-* Allocate a new SIGN message structure for creation of a COSE_Sign object.
-* @param context is a cn_cbor context object
-* @param perr is a cose_errback return variable
-* @return HCOSE_SIGN a handle for the newly allocated object
-*/
-HCOSE_SIGN COSE_Sign_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr)
+ *
+ * Allocate a new SIGN message structure for creation of a COSE_Sign object.
+ * @param context is a cn_cbor context object
+ * @param perr is a cose_errback return variable
+ * @return HCOSE_SIGN a handle for the newly allocated object
+ */
+HCOSE_SIGN COSE_Sign_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
CHECK_CONDITION(flags == COSE_INIT_FLAGS_NONE, COSE_ERR_INVALID_PARAMETER);
- COSE_SignMessage * pobj = (COSE_SignMessage *)COSE_CALLOC(1, sizeof(COSE_SignMessage), context);
+ COSE_SignMessage *pobj =
+ (COSE_SignMessage *)COSE_CALLOC(1, sizeof(COSE_SignMessage), context);
CHECK_CONDITION(pobj != NULL, COSE_ERR_OUT_OF_MEMORY);
- if (!_COSE_Init(flags, &pobj->m_message, COSE_sign_object, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init(flags, &pobj->m_message, COSE_sign_object,
+ CBOR_CONTEXT_PARAM_COMMA perr)) {
_COSE_Sign_Release(pobj);
COSE_FREE(pobj, context);
return NULL;
@@ -62,44 +66,56 @@
return NULL;
}
-HCOSE_SIGN _COSE_Sign_Init_From_Object(cn_cbor * cbor, COSE_SignMessage * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_SIGN _COSE_Sign_Init_From_Object(cn_cbor *cbor,
+ COSE_SignMessage *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_SignMessage * pobj = pIn;
- cn_cbor * pSigners = NULL;
+ COSE_SignMessage *pobj = pIn;
+ cn_cbor *pSigners = NULL;
// cn_cbor * tmp;
- cose_errback error = { 0 };
- if (perr == NULL) perr = &error;
+ cose_errback error = {0};
+ if (perr == NULL)
+ perr = &error;
- if (pobj == NULL) pobj = (COSE_SignMessage *)COSE_CALLOC(1, sizeof(COSE_SignMessage), context);
+ if (pobj == NULL)
+ pobj = (COSE_SignMessage *)COSE_CALLOC(
+ 1, sizeof(COSE_SignMessage), context);
CHECK_CONDITION(pobj != NULL, COSE_ERR_OUT_OF_MEMORY);
- if (!_COSE_Init_From_Object(&pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init_From_Object(
+ &pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
pSigners = _COSE_arrayget_int(&pobj->m_message, INDEX_SIGNERS);
CHECK_CONDITION(pSigners != NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(pSigners->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(pSigners->length > 0, COSE_ERR_INVALID_PARAMETER); // Must be at least one signer
+ CHECK_CONDITION(
+ pSigners->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(pSigners->length > 0,
+ COSE_ERR_INVALID_PARAMETER); // Must be at least one signer
pSigners = pSigners->first_child;
do {
- COSE_SignerInfo * pInfo = _COSE_SignerInfo_Init_From_Object(pSigners, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
- if (pInfo == NULL) goto errorReturn;
+ COSE_SignerInfo *pInfo = _COSE_SignerInfo_Init_From_Object(
+ pSigners, NULL, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (pInfo == NULL)
+ goto errorReturn;
pInfo->m_signerNext = pobj->m_signerFirst;
pobj->m_signerFirst = pInfo;
pSigners = pSigners->next;
} while (pSigners != NULL);
- if (pIn == NULL) _COSE_InsertInList(&SignRoot, &pobj->m_message);
+ if (pIn == NULL)
+ _COSE_InsertInList(&SignRoot, &pobj->m_message);
- return(HCOSE_SIGN)pobj;
+ return (HCOSE_SIGN)pobj;
errorReturn:
if (pobj != NULL) {
_COSE_Sign_Release(pobj);
- if (pIn == NULL) COSE_FREE(pobj, context);
+ if (pIn == NULL)
+ COSE_FREE(pobj, context);
}
return NULL;
}
@@ -109,9 +125,10 @@
#ifdef USE_CBOR_CONTEXT
cn_cbor_context *context;
#endif
- COSE_SignMessage * pMessage = (COSE_SignMessage *)h;
+ COSE_SignMessage *pMessage = (COSE_SignMessage *)h;
- if (!IsValidSignHandle(h)) return false;
+ if (!IsValidSignHandle(h))
+ return false;
// Check reference counting
if (pMessage->m_message.m_refCount > 1) {
@@ -132,13 +149,12 @@
return true;
}
-void _COSE_Sign_Release(COSE_SignMessage * p)
+void _COSE_Sign_Release(COSE_SignMessage *p)
{
- COSE_SignerInfo * pSigner;
- COSE_SignerInfo * pSigner2;
+ COSE_SignerInfo *pSigner;
+ COSE_SignerInfo *pSigner2;
- for (pSigner = p->m_signerFirst; pSigner != NULL; pSigner = pSigner2)
- {
+ for (pSigner = p->m_signerFirst; pSigner != NULL; pSigner = pSigner2) {
pSigner2 = pSigner->m_signerNext;
_COSE_SignerInfo_Free(pSigner);
}
@@ -146,13 +162,16 @@
_COSE_Release(&p->m_message);
}
-bool COSE_Sign_SetContent(HCOSE_SIGN h, const byte * rgb, size_t cb, cose_errback * perr)
+bool COSE_Sign_SetContent(HCOSE_SIGN h,
+ const byte *rgb,
+ size_t cb,
+ cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
+ cn_cbor_context *context = NULL;
#endif
- cn_cbor * p = NULL;
- COSE_SignMessage * pMessage = (COSE_SignMessage *)h;
+ cn_cbor *p = NULL;
+ COSE_SignMessage *pMessage = (COSE_SignMessage *)h;
bool f = false;
CHECK_CONDITION(IsValidSignHandle(h), COSE_ERR_INVALID_HANDLE);
@@ -162,27 +181,33 @@
context = &pMessage->m_message.m_allocContext;
#endif
- p = cn_cbor_data_create(rgb, (int) cb, CBOR_CONTEXT_PARAM_COMMA NULL);
+ p = cn_cbor_data_create(rgb, (int)cb, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(p != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(_COSE_array_replace(&pMessage->m_message, p, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_OUT_OF_MEMORY);
+ CHECK_CONDITION(_COSE_array_replace(&pMessage->m_message, p, INDEX_BODY,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_OUT_OF_MEMORY);
p = NULL;
f = true;
errorReturn:
- if (p != NULL) CN_CBOR_FREE(p, context);
+ if (p != NULL)
+ CN_CBOR_FREE(p, context);
return f;
}
-HCOSE_SIGNER COSE_Sign_add_signer(HCOSE_SIGN hSign, const cn_cbor * pkey, int algId, cose_errback * perr)
+HCOSE_SIGNER COSE_Sign_add_signer(HCOSE_SIGN hSign,
+ const cn_cbor *pkey,
+ int algId,
+ cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
- COSE_SignMessage * pMessage = (COSE_SignMessage *)hSign;
+ cn_cbor_context *context = NULL;
+ COSE_SignMessage *pMessage = (COSE_SignMessage *)hSign;
#endif
- const cn_cbor * cbor;
- cn_cbor * cbor2 = NULL;
+ const cn_cbor *cbor;
+ cn_cbor *cbor2 = NULL;
HCOSE_SIGNER hSigner = NULL;
cn_cbor_errback cbor_error;
@@ -194,44 +219,54 @@
#endif
hSigner = COSE_Signer_Init(CBOR_CONTEXT_PARAM_COMMA perr);
- if (hSigner == NULL) goto errorReturn;
+ if (hSigner == NULL)
+ goto errorReturn;
-
- cbor2 = cn_cbor_int_create(algId, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cbor2 = cn_cbor_int_create(algId, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor2 != NULL, cbor_error);
- if (!COSE_Signer_map_put_int(hSigner, COSE_Header_Algorithm, cbor2, COSE_PROTECT_ONLY, perr)) goto errorReturn;
+ if (!COSE_Signer_map_put_int(
+ hSigner, COSE_Header_Algorithm, cbor2, COSE_PROTECT_ONLY, perr))
+ goto errorReturn;
cbor2 = NULL;
cbor = cn_cbor_mapget_int(pkey, COSE_Key_ID);
if (cbor != NULL) {
- CHECK_CONDITION(cbor->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
- cbor2 = cn_cbor_data_create(cbor->v.bytes, (int) cbor->length, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ CHECK_CONDITION(
+ cbor->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ cbor2 = cn_cbor_data_create(cbor->v.bytes, (int)cbor->length,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor2 != NULL, cbor_error);
- if (!COSE_Signer_map_put_int(hSigner, COSE_Header_KID, cbor2, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!COSE_Signer_map_put_int(
+ hSigner, COSE_Header_KID, cbor2, COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
cbor2 = NULL;
}
- if (!COSE_Signer_SetKey(hSigner, pkey, perr)) goto errorReturn;
+ if (!COSE_Signer_SetKey(hSigner, pkey, perr))
+ goto errorReturn;
- if (!COSE_Sign_AddSigner(hSign, hSigner, perr)) goto errorReturn;
+ if (!COSE_Sign_AddSigner(hSign, hSigner, perr))
+ goto errorReturn;
return hSigner;
errorReturn:
- if (cbor2 != NULL) CN_CBOR_FREE((void *)cbor2, context);
- if (hSigner != NULL) COSE_Signer_Free(hSigner);
+ if (cbor2 != NULL)
+ CN_CBOR_FREE((void *)cbor2, context);
+ if (hSigner != NULL)
+ COSE_Signer_Free(hSigner);
return NULL;
}
-bool COSE_Sign_Sign(HCOSE_SIGN h, cose_errback * perr)
+bool COSE_Sign_Sign(HCOSE_SIGN h, cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
- // cn_cbor_context * context = NULL;
+ // cn_cbor_context * context = NULL;
#endif
- COSE_SignMessage * pMessage = (COSE_SignMessage *)h;
- COSE_SignerInfo * pSigner;
- const cn_cbor * pcborBody;
- const cn_cbor * pcborProtected;
+ COSE_SignMessage *pMessage = (COSE_SignMessage *)h;
+ COSE_SignerInfo *pSigner;
+ const cn_cbor *pcborBody;
+ const cn_cbor *pcborProtected;
if (!IsValidSignHandle(h)) {
CHECK_CONDITION(false, COSE_ERR_INVALID_HANDLE);
@@ -243,25 +278,31 @@
#endif
pcborBody = _COSE_arrayget_int(&pMessage->m_message, INDEX_BODY);
- CHECK_CONDITION((pcborBody != NULL) && (pcborBody->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((pcborBody != NULL) && (pcborBody->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
pcborProtected = _COSE_encode_protected(&pMessage->m_message, perr);
- if (pcborProtected == NULL) goto errorReturn;
+ if (pcborProtected == NULL)
+ goto errorReturn;
- for (pSigner = pMessage->m_signerFirst; pSigner != NULL; pSigner = pSigner->m_signerNext) {
- if (!_COSE_Signer_sign(pSigner, pcborBody, pcborProtected, perr)) goto errorReturn;
+ for (pSigner = pMessage->m_signerFirst; pSigner != NULL;
+ pSigner = pSigner->m_signerNext) {
+ if (!_COSE_Signer_sign(pSigner, pcborBody, pcborProtected, perr))
+ goto errorReturn;
}
return true;
}
-bool COSE_Sign_validate(HCOSE_SIGN hSign, HCOSE_SIGNER hSigner, cose_errback * perr)
+bool COSE_Sign_validate(HCOSE_SIGN hSign,
+ HCOSE_SIGNER hSigner,
+ cose_errback *perr)
{
bool f;
- COSE_SignMessage * pSign;
- COSE_SignerInfo * pSigner;
- const cn_cbor * cnContent;
- const cn_cbor * cnProtected;
+ COSE_SignMessage *pSign;
+ COSE_SignerInfo *pSigner;
+ const cn_cbor *cnContent;
+ const cn_cbor *cnProtected;
CHECK_CONDITION(IsValidSignHandle(hSign), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(IsValidSignerHandle(hSigner), COSE_ERR_INVALID_HANDLE);
@@ -270,10 +311,12 @@
pSigner = (COSE_SignerInfo *)hSigner;
cnContent = _COSE_arrayget_int(&pSign->m_message, INDEX_BODY);
- CHECK_CONDITION(cnContent != NULL && cnContent->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(cnContent != NULL && cnContent->type == CN_CBOR_BYTES,
+ COSE_ERR_INVALID_PARAMETER);
cnProtected = _COSE_arrayget_int(&pSign->m_message, INDEX_PROTECTED);
- CHECK_CONDITION(cnProtected != NULL && cnProtected->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(cnProtected != NULL && cnProtected->type == CN_CBOR_BYTES,
+ COSE_ERR_INVALID_PARAMETER);
f = _COSE_Signer_validate(pSign, pSigner, cnContent, cnProtected, perr);
@@ -283,15 +326,16 @@
return false;
}
-
-bool COSE_Sign_AddSigner(HCOSE_SIGN hSign, HCOSE_SIGNER hSigner, cose_errback * perr)
+bool COSE_Sign_AddSigner(HCOSE_SIGN hSign,
+ HCOSE_SIGNER hSigner,
+ cose_errback *perr)
{
- COSE_SignerInfo * pSigner;
- COSE_SignMessage * pSign;
- cn_cbor * pSigners = NULL;
- cn_cbor * pSignersT = NULL;
+ COSE_SignerInfo *pSigner;
+ COSE_SignMessage *pSign;
+ cn_cbor *pSigners = NULL;
+ cn_cbor *pSignersT = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
+ cn_cbor_context *context = NULL;
#endif
cn_cbor_errback cbor_error;
@@ -306,62 +350,83 @@
#ifdef USE_CBOR_CONTEXT
context = &pSign->m_message.m_allocContext;
-#endif // USE_CBOR_CONTEXT
+#endif // USE_CBOR_CONTEXT
pSigners = _COSE_arrayget_int(&pSign->m_message, INDEX_SIGNERS);
if (pSigners == NULL) {
- pSignersT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pSignersT = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pSignersT != NULL, cbor_error);
- CHECK_CONDITION_CBOR(_COSE_array_replace(&pSign->m_message, pSignersT, INDEX_SIGNERS, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ _COSE_array_replace(&pSign->m_message, pSignersT, INDEX_SIGNERS,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
pSigners = pSignersT;
pSignersT = NULL;
}
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pSigners, pSigner->m_message.m_cbor, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pSigners, pSigner->m_message.m_cbor, &cbor_error),
+ cbor_error);
pSigner->m_message.m_refCount++;
return true;
errorReturn:
- if (pSignersT == NULL) CN_CBOR_FREE(pSignersT, context);
+ if (pSignersT == NULL)
+ CN_CBOR_FREE(pSignersT, context);
return false;
}
-cn_cbor * COSE_Sign_map_get_int(HCOSE_SIGN h, int key, int flags, cose_errback * perror)
+cn_cbor *COSE_Sign_map_get_int(HCOSE_SIGN h,
+ int key,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidSignHandle(h)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_HANDLE;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_HANDLE;
return NULL;
}
- return _COSE_map_get_int(&((COSE_SignMessage *)h)->m_message, key, flags, perror);
+ return _COSE_map_get_int(
+ &((COSE_SignMessage *)h)->m_message, key, flags, perror);
}
-bool COSE_Sign_map_put_int(HCOSE_SIGN h, int key, cn_cbor * value, int flags, cose_errback * perror)
+bool COSE_Sign_map_put_int(HCOSE_SIGN h,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perror)
{
- if (!IsValidSignHandle(h)){
- if (perror != NULL) perror->err = COSE_ERR_INVALID_HANDLE;
+ if (!IsValidSignHandle(h)) {
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_HANDLE;
return false;
}
- return _COSE_map_put(&((COSE_SignMessage *)h)->m_message, key, value, flags, perror);
+ return _COSE_map_put(
+ &((COSE_SignMessage *)h)->m_message, key, value, flags, perror);
}
-HCOSE_SIGNER COSE_Sign_GetSigner(HCOSE_SIGN cose, int iSigner, cose_errback * perr)
+HCOSE_SIGNER COSE_Sign_GetSigner(HCOSE_SIGN cose,
+ int iSigner,
+ cose_errback *perr)
{
int i;
- COSE_SignerInfo * p;
+ COSE_SignerInfo *p;
if (!IsValidSignHandle(cose)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_HANDLE;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_HANDLE;
return NULL;
}
p = ((COSE_SignMessage *)cose)->m_signerFirst;
for (i = 0; i < iSigner; i++) {
if (p == NULL) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
return NULL;
}
p = p->m_signerNext;
diff --git a/src/Sign1.c b/src/Sign1.c
index 60f89f1..cfc6c12 100644
--- a/src/Sign1.c
+++ b/src/Sign1.c
@@ -1,6 +1,7 @@
/** \file Sign.c
-* Contains implementation of the functions related to HCOSE_SIGN handle objects.
-*/
+ * Contains implementation of the functions related to HCOSE_SIGN handle
+ * objects.
+ */
#include <stdlib.h>
@@ -11,45 +12,53 @@
#if INCLUDE_SIGN1
-bool _COSE_Signer0_sign(COSE_Sign1Message * pSigner, const cn_cbor * pKey, cose_errback * perr);
-bool _COSE_Signer0_validate(COSE_Sign1Message * pSign, const cn_cbor * pKey, cose_errback * perr);
-void _COSE_Sign1_Release(COSE_Sign1Message * p);
+bool _COSE_Signer0_sign(COSE_Sign1Message *pSigner,
+ const cn_cbor *pKey,
+ cose_errback *perr);
+bool _COSE_Signer0_validate(COSE_Sign1Message *pSign,
+ const cn_cbor *pKey,
+ cose_errback *perr);
+void _COSE_Sign1_Release(COSE_Sign1Message *p);
-static COSE * Sign1Root = NULL;
+static COSE *Sign1Root = NULL;
/*! \private
-* @brief Test if a HCOSE_SIGN1 handle is valid
-*
-* Internal function to test if a sign1 message handle is valid.
-* This will start returning invalid results and cause the code to
-* crash if handles are not released before the memory that underlies them
-* is deallocated. This is an issue of a block allocator is used since
-* in that case it is common to allocate memory but never to de-allocate it
-* and just do that in a single big block.
-*
-* @param h handle to be validated
-* @returns result of check
-*/
+ * @brief Test if a HCOSE_SIGN1 handle is valid
+ *
+ * Internal function to test if a sign1 message handle is valid.
+ * This will start returning invalid results and cause the code to
+ * crash if handles are not released before the memory that underlies them
+ * is deallocated. This is an issue of a block allocator is used since
+ * in that case it is common to allocate memory but never to de-allocate it
+ * and just do that in a single big block.
+ *
+ * @param h handle to be validated
+ * @returns result of check
+ */
bool IsValidSign1Handle(HCOSE_SIGN1 h)
{
- COSE_Sign1Message * p = (COSE_Sign1Message *)h;
+ COSE_Sign1Message *p = (COSE_Sign1Message *)h;
- if (p == NULL) return false;
- return _COSE_IsInList(Sign1Root, (COSE *) p);
+ if (p == NULL)
+ return false;
+ return _COSE_IsInList(Sign1Root, (COSE *)p);
}
-
-HCOSE_SIGN1 COSE_Sign1_Init(COSE_INIT_FLAGS flags, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_SIGN1 COSE_Sign1_Init(COSE_INIT_FLAGS flags,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
CHECK_CONDITION(flags == COSE_INIT_FLAGS_NONE, COSE_ERR_INVALID_PARAMETER);
- COSE_Sign1Message * pobj = (COSE_Sign1Message *)COSE_CALLOC(1, sizeof(COSE_Sign1Message), context);
+ COSE_Sign1Message *pobj =
+ (COSE_Sign1Message *)COSE_CALLOC(1, sizeof(COSE_Sign1Message), context);
if (pobj == NULL) {
- if (perr != NULL) perr->err = COSE_ERR_OUT_OF_MEMORY;
+ if (perr != NULL)
+ perr->err = COSE_ERR_OUT_OF_MEMORY;
return NULL;
}
- if (!_COSE_Init(flags,&pobj->m_message, COSE_sign_object, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init(flags, &pobj->m_message, COSE_sign_object,
+ CBOR_CONTEXT_PARAM_COMMA perr)) {
_COSE_Sign1_Release(pobj);
COSE_FREE(pobj, context);
return NULL;
@@ -63,28 +72,36 @@
return NULL;
}
-HCOSE_SIGN1 _COSE_Sign1_Init_From_Object(cn_cbor * cbor, COSE_Sign1Message * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
+HCOSE_SIGN1 _COSE_Sign1_Init_From_Object(cn_cbor *cbor,
+ COSE_Sign1Message *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_Sign1Message * pobj = pIn;
- cose_errback error = { 0 };
+ COSE_Sign1Message *pobj = pIn;
+ cose_errback error = {0};
- if (perr == NULL) perr = &error;
+ if (perr == NULL)
+ perr = &error;
- if (pobj == NULL) pobj = (COSE_Sign1Message *)COSE_CALLOC(1, sizeof(COSE_Sign1Message), context);
+ if (pobj == NULL)
+ pobj = (COSE_Sign1Message *)COSE_CALLOC(
+ 1, sizeof(COSE_Sign1Message), context);
CHECK_CONDITION(pobj != NULL, COSE_ERR_OUT_OF_MEMORY);
- if (!_COSE_Init_From_Object(&pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ if (!_COSE_Init_From_Object(
+ &pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
goto errorReturn;
}
- if (pIn == NULL) _COSE_InsertInList(&Sign1Root, &pobj->m_message);
+ if (pIn == NULL)
+ _COSE_InsertInList(&Sign1Root, &pobj->m_message);
- return(HCOSE_SIGN1)pobj;
+ return (HCOSE_SIGN1)pobj;
errorReturn:
if (pobj != NULL) {
_COSE_Sign1_Release(pobj);
- if (pIn == NULL) COSE_FREE(pobj, context);
+ if (pIn == NULL)
+ COSE_FREE(pobj, context);
}
return NULL;
}
@@ -94,9 +111,10 @@
#ifdef USE_CBOR_CONTEXT
cn_cbor_context *context;
#endif
- COSE_Sign1Message * pMessage = (COSE_Sign1Message *)h;
+ COSE_Sign1Message *pMessage = (COSE_Sign1Message *)h;
- if (!IsValidSign1Handle(h)) return false;
+ if (!IsValidSign1Handle(h))
+ return false;
// Check reference counting
if (pMessage->m_message.m_refCount > 1) {
@@ -117,18 +135,21 @@
return true;
}
-void _COSE_Sign1_Release(COSE_Sign1Message * p)
+void _COSE_Sign1_Release(COSE_Sign1Message *p)
{
_COSE_Release(&p->m_message);
}
-bool COSE_Sign1_SetContent(HCOSE_SIGN1 h, const byte * rgb, size_t cb, cose_errback * perr)
+bool COSE_Sign1_SetContent(HCOSE_SIGN1 h,
+ const byte *rgb,
+ size_t cb,
+ cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
+ cn_cbor_context *context = NULL;
#endif
- cn_cbor * p = NULL;
- COSE_Sign1Message * pMessage = (COSE_Sign1Message *)h;
+ cn_cbor *p = NULL;
+ COSE_Sign1Message *pMessage = (COSE_Sign1Message *)h;
bool fRet = false;
CHECK_CONDITION(IsValidSign1Handle(h), COSE_ERR_INVALID_HANDLE);
@@ -138,51 +159,60 @@
context = &pMessage->m_message.m_allocContext;
#endif
- p = cn_cbor_data_create(rgb, (int) cb, CBOR_CONTEXT_PARAM_COMMA NULL);
+ p = cn_cbor_data_create(rgb, (int)cb, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(p != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(_COSE_array_replace(&pMessage->m_message, p, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_OUT_OF_MEMORY);
+ CHECK_CONDITION(_COSE_array_replace(&pMessage->m_message, p, INDEX_BODY,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_OUT_OF_MEMORY);
p = NULL;
fRet = true;
errorReturn:
- if (p != NULL) CN_CBOR_FREE(p, context);
+ if (p != NULL)
+ CN_CBOR_FREE(p, context);
return fRet;
}
/*!
-* @brief Set the application external data for authentication
-*
-* Enveloped data objects support the authentication of external application
-* supplied data. This function is provided to supply that data to the library.
-*
-* The external data is not copied, nor will be it freed when the handle is released.
-*
-* @param hcose Handle for the COSE Enveloped data object
-* @param pbEternalData point to the external data
-* @param cbExternalData size of the external data
-* @param perr location to return errors
-* @return result of the operation.
-*/
+ * @brief Set the application external data for authentication
+ *
+ * Enveloped data objects support the authentication of external application
+ * supplied data. This function is provided to supply that data to the library.
+ *
+ * The external data is not copied, nor will be it freed when the handle is
+ * released.
+ *
+ * @param hcose Handle for the COSE Enveloped data object
+ * @param pbEternalData point to the external data
+ * @param cbExternalData size of the external data
+ * @param perr location to return errors
+ * @return result of the operation.
+ */
-bool COSE_Sign1_SetExternal(HCOSE_SIGN1 hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
+bool COSE_Sign1_SetExternal(HCOSE_SIGN1 hcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr)
{
if (!IsValidSign1Handle(hcose)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_HANDLE;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_HANDLE;
return false;
}
- return _COSE_SetExternal(&((COSE_Sign1Message *)hcose)->m_message, pbExternalData, cbExternalData, perr);
+ return _COSE_SetExternal(&((COSE_Sign1Message *)hcose)->m_message,
+ pbExternalData, cbExternalData, perr);
}
-bool COSE_Sign1_Sign(HCOSE_SIGN1 h, const cn_cbor * pKey, cose_errback * perr)
+bool COSE_Sign1_Sign(HCOSE_SIGN1 h, const cn_cbor *pKey, cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
// cn_cbor_context * context = NULL;
#endif
- COSE_Sign1Message * pMessage = (COSE_Sign1Message *)h;
- const cn_cbor * pcborProtected;
+ COSE_Sign1Message *pMessage = (COSE_Sign1Message *)h;
+ const cn_cbor *pcborProtected;
if (!IsValidSign1Handle(h)) {
CHECK_CONDITION(false, COSE_ERR_INVALID_HANDLE);
@@ -194,31 +224,37 @@
#endif
pcborProtected = _COSE_encode_protected(&pMessage->m_message, perr);
- if (pcborProtected == NULL) goto errorReturn;
+ if (pcborProtected == NULL)
+ goto errorReturn;
- if (!_COSE_Signer0_sign(pMessage, pKey, perr)) goto errorReturn;
+ if (!_COSE_Signer0_sign(pMessage, pKey, perr))
+ goto errorReturn;
return true;
}
-bool COSE_Sign1_validate(HCOSE_SIGN1 hSign, const cn_cbor * pKey, cose_errback * perr)
+bool COSE_Sign1_validate(HCOSE_SIGN1 hSign,
+ const cn_cbor *pKey,
+ cose_errback *perr)
{
bool f;
- COSE_Sign1Message * pSign;
- const cn_cbor * cnContent;
- const cn_cbor * cnProtected;
+ COSE_Sign1Message *pSign;
+ const cn_cbor *cnContent;
+ const cn_cbor *cnProtected;
CHECK_CONDITION(IsValidSign1Handle(hSign), COSE_ERR_INVALID_HANDLE);
pSign = (COSE_Sign1Message *)hSign;
cnContent = _COSE_arrayget_int(&pSign->m_message, INDEX_BODY);
- CHECK_CONDITION(cnContent != NULL && cnContent->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(cnContent != NULL && cnContent->type == CN_CBOR_BYTES,
+ COSE_ERR_INVALID_PARAMETER);
cnProtected = _COSE_arrayget_int(&pSign->m_message, INDEX_PROTECTED);
- CHECK_CONDITION(cnProtected != NULL && cnProtected->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(cnProtected != NULL && cnProtected->type == CN_CBOR_BYTES,
+ COSE_ERR_INVALID_PARAMETER);
- f = _COSE_Signer0_validate(pSign, pKey, perr);
+ f = _COSE_Signer0_validate(pSign, pKey, perr);
return f;
@@ -226,158 +262,201 @@
return false;
}
-
-cn_cbor * COSE_Sign1_map_get_int(HCOSE_SIGN1 h, int key, int flags, cose_errback * perror)
+cn_cbor *COSE_Sign1_map_get_int(HCOSE_SIGN1 h,
+ int key,
+ int flags,
+ cose_errback *perror)
{
if (!IsValidSign1Handle(h)) {
- if (perror != NULL) perror->err = COSE_ERR_INVALID_HANDLE;
+ if (perror != NULL)
+ perror->err = COSE_ERR_INVALID_HANDLE;
return NULL;
}
- return _COSE_map_get_int(&((COSE_Sign1Message *)h)->m_message, key, flags, perror);
+ return _COSE_map_get_int(
+ &((COSE_Sign1Message *)h)->m_message, key, flags, perror);
}
-bool COSE_Sign1_map_put_int(HCOSE_SIGN1 h, int key, cn_cbor * value, int flags, cose_errback * perr)
+bool COSE_Sign1_map_put_int(HCOSE_SIGN1 h,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidSign1Handle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(value != NULL, COSE_ERR_INVALID_PARAMETER);
- return _COSE_map_put(&((COSE_Sign1Message *)h)->m_message, key, value, flags, perr);
+ return _COSE_map_put(
+ &((COSE_Sign1Message *)h)->m_message, key, value, flags, perr);
errorReturn:
return false;
}
-
-static bool CreateSign1AAD(COSE_Sign1Message * pMessage, byte ** ppbToSign, size_t * pcbToSign, char * szContext, cose_errback * perr)
+static bool CreateSign1AAD(COSE_Sign1Message *pMessage,
+ byte **ppbToSign,
+ size_t *pcbToSign,
+ char *szContext,
+ cose_errback *perr)
{
- cn_cbor * pArray = NULL;
+ cn_cbor *pArray = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pMessage->m_message.m_allocContext;
+ cn_cbor_context *context = &pMessage->m_message.m_allocContext;
#endif
cn_cbor_errback cbor_error;
- cn_cbor * cn = NULL;
- cn_cbor * cn2;
+ cn_cbor *cn = NULL;
+ cn_cbor *cn2;
size_t cbToSign;
- byte * pbToSign = NULL;
+ byte *pbToSign = NULL;
- pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pArray != NULL, cbor_error);
- cn = cn_cbor_string_create(szContext, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cn =
+ cn_cbor_string_create(szContext, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
cn2 = _COSE_arrayget_int(&pMessage->m_message, INDEX_PROTECTED);
CHECK_CONDITION(cn2 != NULL, COSE_ERR_INVALID_PARAMETER);
- if ((cn2->length == 1) && (cn2->v.bytes[0] == 0xa0)) cn = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- else cn = cn_cbor_data_create(cn2->v.bytes, (int)cn2->length, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ if ((cn2->length == 1) && (cn2->v.bytes[0] == 0xa0))
+ cn =
+ cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ else
+ cn = cn_cbor_data_create(cn2->v.bytes, (int)cn2->length,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
- cn = cn_cbor_data_create(pMessage->m_message.m_pbExternal, (int) pMessage->m_message.m_cbExternal, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cn = cn_cbor_data_create(pMessage->m_message.m_pbExternal,
+ (int)pMessage->m_message.m_cbExternal,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
cn2 = _COSE_arrayget_int(&pMessage->m_message, INDEX_BODY);
- cn = cn_cbor_data_create(cn2->v.bytes, (int)cn2->length, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cn = cn_cbor_data_create(
+ cn2->v.bytes, (int)cn2->length, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
-
cbToSign = cn_cbor_encode_size(pArray);
CHECK_CONDITION(cbToSign > 0, COSE_ERR_CBOR);
pbToSign = (byte *)COSE_CALLOC(cbToSign, 1, context);
CHECK_CONDITION(pbToSign != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(cn_cbor_encoder_write(pbToSign, 0, cbToSign, pArray) == (ssize_t)cbToSign, COSE_ERR_CBOR);
+ CHECK_CONDITION(cn_cbor_encoder_write(pbToSign, 0, cbToSign, pArray) ==
+ (ssize_t)cbToSign,
+ COSE_ERR_CBOR);
*ppbToSign = pbToSign;
*pcbToSign = cbToSign;
pbToSign = NULL;
- if (cn != NULL) CN_CBOR_FREE(cn, context);
- if (pArray != NULL) COSE_FREE(pArray, context);
+ if (cn != NULL)
+ CN_CBOR_FREE(cn, context);
+ if (pArray != NULL)
+ COSE_FREE(pArray, context);
return true;
errorReturn:
- if (pbToSign != NULL) COSE_FREE(pbToSign, context);
- if (cn != NULL) CN_CBOR_FREE(cn, context);
- if (pArray != NULL) COSE_FREE(pArray, context);
+ if (pbToSign != NULL)
+ COSE_FREE(pbToSign, context);
+ if (cn != NULL)
+ CN_CBOR_FREE(cn, context);
+ if (pArray != NULL)
+ COSE_FREE(pArray, context);
return false;
}
-bool _COSE_Signer0_sign(COSE_Sign1Message * pSigner, const cn_cbor * pKey, cose_errback * perr)
+bool _COSE_Signer0_sign(COSE_Sign1Message *pSigner,
+ const cn_cbor *pKey,
+ cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pSigner->m_message.m_allocContext;
+ cn_cbor_context *context = &pSigner->m_message.m_allocContext;
#endif
- cn_cbor * pcborBody2 = NULL;
- cn_cbor * pcborProtected2 = NULL;
- cn_cbor * pArray = NULL;
- cn_cbor * cn = NULL;
+ cn_cbor *pcborBody2 = NULL;
+ cn_cbor *pcborProtected2 = NULL;
+ cn_cbor *pArray = NULL;
+ cn_cbor *cn = NULL;
size_t cbToSign;
- byte * pbToSign = NULL;
+ byte *pbToSign = NULL;
bool f;
int alg;
pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA NULL);
if (pArray == NULL) {
- if (perr != NULL) perr->err = COSE_ERR_OUT_OF_MEMORY;
+ if (perr != NULL)
+ perr->err = COSE_ERR_OUT_OF_MEMORY;
errorReturn:
- if (pcborBody2 != NULL) CN_CBOR_FREE(pcborBody2, context);
- if (pcborProtected2 != NULL) CN_CBOR_FREE(pcborProtected2, context);
- if (pArray != NULL) COSE_FREE(pArray, context);
- if (pbToSign != NULL) COSE_FREE(pbToSign, context);
+ if (pcborBody2 != NULL)
+ CN_CBOR_FREE(pcborBody2, context);
+ if (pcborProtected2 != NULL)
+ CN_CBOR_FREE(pcborProtected2, context);
+ if (pArray != NULL)
+ COSE_FREE(pArray, context);
+ if (pbToSign != NULL)
+ COSE_FREE(pbToSign, context);
return false;
}
- cn = _COSE_map_get_int(&pSigner->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- if (cn == NULL) goto errorReturn;
+ cn = _COSE_map_get_int(
+ &pSigner->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ if (cn == NULL)
+ goto errorReturn;
if (cn->type == CN_CBOR_TEXT) {
FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- }
- else {
- CHECK_CONDITION((cn->type == CN_CBOR_UINT || cn->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
+ } else {
+ CHECK_CONDITION((cn->type == CN_CBOR_UINT || cn->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
alg = (int)cn->v.uint;
}
-
- if (!CreateSign1AAD(pSigner, &pbToSign, &cbToSign, "Signature1", perr)) goto errorReturn;
+ if (!CreateSign1AAD(pSigner, &pbToSign, &cbToSign, "Signature1", perr))
+ goto errorReturn;
switch (alg) {
#ifdef USE_ECDSA_SHA_256
- case COSE_Algorithm_ECDSA_SHA_256:
- f = ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE+1, pKey, 256, pbToSign, cbToSign, perr);
- break;
+ case COSE_Algorithm_ECDSA_SHA_256:
+ f = ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE + 1, pKey, 256,
+ pbToSign, cbToSign, perr);
+ break;
#endif
#ifdef USE_ECDSA_SHA_384
- case COSE_Algorithm_ECDSA_SHA_384:
- f = ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE+1, pKey, 384, pbToSign, cbToSign, perr);
- break;
+ case COSE_Algorithm_ECDSA_SHA_384:
+ f = ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE + 1, pKey, 384,
+ pbToSign, cbToSign, perr);
+ break;
#endif
#ifdef USE_ECDSA_SHA_512
- case COSE_Algorithm_ECDSA_SHA_512:
- f = ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE+1, pKey, 512, pbToSign, cbToSign, perr);
- break;
+ case COSE_Algorithm_ECDSA_SHA_512:
+ f = ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE + 1, pKey, 512,
+ pbToSign, cbToSign, perr);
+ break;
#endif
#ifdef USE_EDDSA
- case COSE_Algorithm_EdDSA:
- f = EdDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE + 1, pKey, pbToSign, cbToSign, perr);
- break;
+ case COSE_Algorithm_EdDSA:
+ f = EdDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE + 1, pKey,
+ pbToSign, cbToSign, perr);
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
}
COSE_FREE(pbToSign, context);
@@ -386,13 +465,15 @@
return f;
}
-bool _COSE_Signer0_validate(COSE_Sign1Message * pSign, const cn_cbor * pKey, cose_errback * perr)
+bool _COSE_Signer0_validate(COSE_Sign1Message *pSign,
+ const cn_cbor *pKey,
+ cose_errback *perr)
{
- byte * pbToSign = NULL;
+ byte *pbToSign = NULL;
int alg;
- const cn_cbor * cn = NULL;
+ const cn_cbor *cn = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = NULL;
+ cn_cbor_context *context = NULL;
#endif
size_t cbToSign;
bool fRet = false;
@@ -401,56 +482,68 @@
context = &pSign->m_message.m_allocContext;
#endif
- cn = _COSE_map_get_int(&pSign->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- if (cn == NULL) goto errorReturn;
+ cn = _COSE_map_get_int(
+ &pSign->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ if (cn == NULL)
+ goto errorReturn;
if (cn->type == CN_CBOR_TEXT) {
FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- }
- else {
- CHECK_CONDITION((cn->type == CN_CBOR_UINT || cn->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
+ } else {
+ CHECK_CONDITION((cn->type == CN_CBOR_UINT || cn->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
alg = (int)cn->v.uint;
}
// Build protected headers
- if (!CreateSign1AAD(pSign, &pbToSign, &cbToSign, "Signature1", perr)) goto errorReturn;
+ if (!CreateSign1AAD(pSign, &pbToSign, &cbToSign, "Signature1", perr))
+ goto errorReturn;
switch (alg) {
#ifdef USE_ECDSA_SHA_256
- case COSE_Algorithm_ECDSA_SHA_256:
- if (!ECDSA_Verify(&pSign->m_message, INDEX_SIGNATURE+1, pKey, 256, pbToSign, cbToSign, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_256:
+ if (!ECDSA_Verify(&pSign->m_message, INDEX_SIGNATURE + 1, pKey, 256,
+ pbToSign, cbToSign, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDSA_SHA_384
- case COSE_Algorithm_ECDSA_SHA_384:
- if (!ECDSA_Verify(&pSign->m_message, INDEX_SIGNATURE+1, pKey, 384, pbToSign, cbToSign, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_384:
+ if (!ECDSA_Verify(&pSign->m_message, INDEX_SIGNATURE + 1, pKey, 384,
+ pbToSign, cbToSign, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDSA_SHA_512
- case COSE_Algorithm_ECDSA_SHA_512:
- if (!ECDSA_Verify(&pSign->m_message, INDEX_SIGNATURE+1, pKey, 512, pbToSign, cbToSign, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_512:
+ if (!ECDSA_Verify(&pSign->m_message, INDEX_SIGNATURE + 1, pKey, 512,
+ pbToSign, cbToSign, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_EDDSA
- case COSE_Algorithm_EdDSA:
- if (!EdDSA_Verify(&pSign->m_message, INDEX_SIGNATURE + 1, pKey, pbToSign, cbToSign, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_EdDSA:
+ if (!EdDSA_Verify(&pSign->m_message, INDEX_SIGNATURE + 1, pKey,
+ pbToSign, cbToSign, perr))
+ goto errorReturn;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ break;
}
fRet = true;
errorReturn:
- if (pbToSign != NULL) COSE_FREE(pbToSign, context);
+ if (pbToSign != NULL)
+ COSE_FREE(pbToSign, context);
return fRet;
}
diff --git a/src/SignerInfo.c b/src/SignerInfo.c
index 8410802..824c796 100644
--- a/src/SignerInfo.c
+++ b/src/SignerInfo.c
@@ -1,6 +1,7 @@
/** \file SignerInfo.c
-* Contains implementation of the functions related to HCOSE_SIGNER handle objects.
-*/
+ * Contains implementation of the functions related to HCOSE_SIGNER handle
+ * objects.
+ */
#include <stdlib.h>
#ifndef __MBED__
@@ -14,16 +15,15 @@
#if INCLUDE_SIGN
-static COSE * SignerRoot = NULL;
+static COSE *SignerRoot = NULL;
bool IsValidSignerHandle(HCOSE_SIGNER h)
{
- COSE_SignerInfo * p = (COSE_SignerInfo *)h;
- return _COSE_IsInList(SignerRoot, (COSE *) p);
+ COSE_SignerInfo *p = (COSE_SignerInfo *)h;
+ return _COSE_IsInList(SignerRoot, (COSE *)p);
}
-
-bool _COSE_SignerInfo_Free(COSE_SignerInfo * pSigner)
+bool _COSE_SignerInfo_Free(COSE_SignerInfo *pSigner)
{
// Check ref counting
if (pSigner->m_message.m_refCount > 1) {
@@ -38,10 +38,11 @@
bool COSE_Signer_Free(HCOSE_SIGNER hSigner)
{
- COSE_SignerInfo * pSigner = (COSE_SignerInfo *)hSigner;
+ COSE_SignerInfo *pSigner = (COSE_SignerInfo *)hSigner;
bool fRet = false;
- if (!IsValidSignerHandle(hSigner)) goto errorReturn;
+ if (!IsValidSignerHandle(hSigner))
+ goto errorReturn;
if (pSigner->m_message.m_refCount > 1) {
pSigner->m_message.m_refCount--;
@@ -59,16 +60,18 @@
return fRet;
}
-
-HCOSE_SIGNER COSE_Signer_Init(CBOR_CONTEXT_COMMA cose_errback * perror)
+HCOSE_SIGNER COSE_Signer_Init(CBOR_CONTEXT_COMMA cose_errback *perror)
{
- COSE_SignerInfo * pobj = (COSE_SignerInfo *)COSE_CALLOC(1, sizeof(COSE_SignerInfo), context);
+ COSE_SignerInfo *pobj =
+ (COSE_SignerInfo *)COSE_CALLOC(1, sizeof(COSE_SignerInfo), context);
if (pobj == NULL) {
- if (perror != NULL) perror->err = COSE_ERR_OUT_OF_MEMORY;
+ if (perror != NULL)
+ perror->err = COSE_ERR_OUT_OF_MEMORY;
return NULL;
}
- if (!_COSE_SignerInfo_Init(COSE_INIT_FLAGS_NO_CBOR_TAG, pobj, COSE_recipient_object, CBOR_CONTEXT_PARAM_COMMA perror)) {
+ if (!_COSE_SignerInfo_Init(COSE_INIT_FLAGS_NO_CBOR_TAG, pobj,
+ COSE_recipient_object, CBOR_CONTEXT_PARAM_COMMA perror)) {
_COSE_SignerInfo_Free(pobj);
COSE_FREE(pobj, context);
return NULL;
@@ -78,24 +81,32 @@
return (HCOSE_SIGNER)pobj;
}
-bool _COSE_SignerInfo_Init(COSE_INIT_FLAGS flags, COSE_SignerInfo * pobj, int msgType, CBOR_CONTEXT_COMMA cose_errback * errp)
+bool _COSE_SignerInfo_Init(COSE_INIT_FLAGS flags,
+ COSE_SignerInfo *pobj,
+ int msgType,
+ CBOR_CONTEXT_COMMA cose_errback *errp)
{
- return _COSE_Init(flags, &pobj->m_message, msgType, CBOR_CONTEXT_PARAM_COMMA errp);
+ return _COSE_Init(
+ flags, &pobj->m_message, msgType, CBOR_CONTEXT_PARAM_COMMA errp);
}
-
-COSE_SignerInfo * _COSE_SignerInfo_Init_From_Object(cn_cbor * cbor, COSE_SignerInfo * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
+COSE_SignerInfo *_COSE_SignerInfo_Init_From_Object(cn_cbor *cbor,
+ COSE_SignerInfo *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- COSE_SignerInfo * pSigner = pIn;
+ COSE_SignerInfo *pSigner = pIn;
if (pSigner == NULL) {
- pSigner = (COSE_SignerInfo *)COSE_CALLOC(1, sizeof(COSE_SignerInfo), context);
+ pSigner =
+ (COSE_SignerInfo *)COSE_CALLOC(1, sizeof(COSE_SignerInfo), context);
CHECK_CONDITION(pSigner != NULL, COSE_ERR_OUT_OF_MEMORY);
}
CHECK_CONDITION(cbor->type == CN_CBOR_ARRAY, COSE_ERR_INVALID_PARAMETER);
- if (!_COSE_Init_From_Object(&pSigner->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ if (!_COSE_Init_From_Object(
+ &pSigner->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
_COSE_InsertInList(&SignerRoot, &pSigner->m_message);
return pSigner;
@@ -103,55 +114,82 @@
errorReturn:
if (pSigner != NULL) {
_COSE_SignerInfo_Free(pSigner);
- if (pIn == NULL) COSE_FREE(pSigner, context);
+ if (pIn == NULL)
+ COSE_FREE(pSigner, context);
}
return NULL;
}
-static bool BuildToBeSigned(byte ** ppbToSign, size_t * pcbToSign, const cn_cbor * pcborBody, const cn_cbor * pcborProtected, const cn_cbor * pcborProtectedSign, const byte * pbExternal, size_t cbExternal, CBOR_CONTEXT_COMMA cose_errback * perr)
+static bool BuildToBeSigned(byte **ppbToSign,
+ size_t *pcbToSign,
+ const cn_cbor *pcborBody,
+ const cn_cbor *pcborProtected,
+ const cn_cbor *pcborProtectedSign,
+ const byte *pbExternal,
+ size_t cbExternal,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- cn_cbor * pArray = NULL;
+ cn_cbor *pArray = NULL;
cn_cbor_errback cbor_error;
size_t cbToSign;
- byte * pbToSign = NULL;
+ byte *pbToSign = NULL;
bool f = false;
- cn_cbor * cn = NULL;
+ cn_cbor *cn = NULL;
- pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pArray != NULL, cbor_error);
- cn = cn_cbor_string_create("Signature", CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cn = cn_cbor_string_create(
+ "Signature", CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
- if (pcborProtected->length == 1 && (pcborProtected->v.bytes[0] == 0xa0)) cn = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- else cn = cn_cbor_data_create(pcborProtected->v.bytes, (int)pcborProtected->length, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ if (pcborProtected->length == 1 && (pcborProtected->v.bytes[0] == 0xa0))
+ cn =
+ cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ else
+ cn = cn_cbor_data_create(pcborProtected->v.bytes,
+ (int)pcborProtected->length, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
- if ((pcborProtectedSign->length == 1) && (pcborProtectedSign->v.bytes[0] == 0xa0)) cn = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- else cn = cn_cbor_data_create(pcborProtectedSign->v.bytes, (int)pcborProtectedSign->length, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ if ((pcborProtectedSign->length == 1) &&
+ (pcborProtectedSign->v.bytes[0] == 0xa0))
+ cn =
+ cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ else
+ cn = cn_cbor_data_create(pcborProtectedSign->v.bytes,
+ (int)pcborProtectedSign->length,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
- cn = cn_cbor_data_create(pbExternal, (int) cbExternal, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cn = cn_cbor_data_create(
+ pbExternal, (int)cbExternal, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
- cn = cn_cbor_data_create(pcborBody->v.bytes, (int)pcborBody->length, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cn = cn_cbor_data_create(pcborBody->v.bytes, (int)pcborBody->length,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cn != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(
+ cn_cbor_array_append(pArray, cn, &cbor_error), cbor_error);
cn = NULL;
cbToSign = cn_cbor_encode_size(pArray);
CHECK_CONDITION(cbToSign > 0, COSE_ERR_CBOR);
pbToSign = (byte *)COSE_CALLOC(cbToSign, 1, context);
CHECK_CONDITION(pbToSign != NULL, COSE_ERR_OUT_OF_MEMORY);
- const ssize_t writtenBits = cn_cbor_encoder_write(pbToSign, 0, cbToSign, pArray);
+ const ssize_t writtenBits =
+ cn_cbor_encoder_write(pbToSign, 0, cbToSign, pArray);
CHECK_CONDITION(writtenBits >= 0, COSE_ERR_CBOR);
CHECK_CONDITION((size_t)writtenBits == cbToSign, COSE_ERR_CBOR);
@@ -159,89 +197,110 @@
*pcbToSign = cbToSign;
pbToSign = NULL;
f = true;
-
-errorReturn:
- if (cn != NULL) CN_CBOR_FREE(cn, context);
- if (pArray != NULL) CN_CBOR_FREE(pArray, context);
- if (pbToSign != NULL) COSE_FREE(pbToSign, context);
- return f;
+errorReturn:
+ if (cn != NULL)
+ CN_CBOR_FREE(cn, context);
+ if (pArray != NULL)
+ CN_CBOR_FREE(pArray, context);
+ if (pbToSign != NULL)
+ COSE_FREE(pbToSign, context);
+ return f;
}
-
-bool _COSE_Signer_sign(COSE_SignerInfo * pSigner, const cn_cbor * pcborBody, const cn_cbor * pcborProtected, cose_errback * perr)
+bool _COSE_Signer_sign(COSE_SignerInfo *pSigner,
+ const cn_cbor *pcborBody,
+ const cn_cbor *pcborProtected,
+ cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pSigner->m_message.m_allocContext;
+ cn_cbor_context *context = &pSigner->m_message.m_allocContext;
#endif
- cn_cbor * pcborProtectedSign = NULL;
- cn_cbor * pArray = NULL;
- cn_cbor * cnAlgorithm = NULL;
+ cn_cbor *pcborProtectedSign = NULL;
+ cn_cbor *pArray = NULL;
+ cn_cbor *cnAlgorithm = NULL;
size_t cbToSign;
- byte * pbToSign = NULL;
+ byte *pbToSign = NULL;
int alg;
bool fRet = false;
pArray = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(pArray != NULL, COSE_ERR_OUT_OF_MEMORY);
- cnAlgorithm = _COSE_map_get_int(&pSigner->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- if (cnAlgorithm == NULL) goto errorReturn;
+ cnAlgorithm = _COSE_map_get_int(
+ &pSigner->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ if (cnAlgorithm == NULL)
+ goto errorReturn;
if (cnAlgorithm->type == CN_CBOR_TEXT) {
FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- }
- else {
- CHECK_CONDITION((cnAlgorithm->type == CN_CBOR_UINT || cnAlgorithm->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
+ } else {
+ CHECK_CONDITION((cnAlgorithm->type == CN_CBOR_UINT ||
+ cnAlgorithm->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
alg = (int)cnAlgorithm->v.sint;
}
pcborProtectedSign = _COSE_encode_protected(&pSigner->m_message, perr);
- if (pcborProtectedSign == NULL) goto errorReturn;
+ if (pcborProtectedSign == NULL)
+ goto errorReturn;
- if (!BuildToBeSigned(&pbToSign, &cbToSign, pcborBody, pcborProtected, pcborProtectedSign, pSigner->m_message.m_pbExternal, pSigner->m_message.m_cbExternal, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ if (!BuildToBeSigned(&pbToSign, &cbToSign, pcborBody, pcborProtected,
+ pcborProtectedSign, pSigner->m_message.m_pbExternal,
+ pSigner->m_message.m_cbExternal, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
switch (alg) {
#ifdef USE_ECDSA_SHA_256
- case COSE_Algorithm_ECDSA_SHA_256:
- if (!ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE, pSigner->m_pkey, 256, pbToSign, cbToSign, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_256:
+ if (!ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE,
+ pSigner->m_pkey, 256, pbToSign, cbToSign, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDSA_SHA_384
- case COSE_Algorithm_ECDSA_SHA_384:
- if (!ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE, pSigner->m_pkey, 384, pbToSign, cbToSign, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_384:
+ if (!ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE,
+ pSigner->m_pkey, 384, pbToSign, cbToSign, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDSA_SHA_512
- case COSE_Algorithm_ECDSA_SHA_512:
- if (!ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE, pSigner->m_pkey, 512, pbToSign, cbToSign, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_512:
+ if (!ECDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE,
+ pSigner->m_pkey, 512, pbToSign, cbToSign, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_EDDSA
- case COSE_Algorithm_EdDSA:
- if (!EdDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE, pSigner->m_pkey, pbToSign, cbToSign, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_EdDSA:
+ if (!EdDSA_Sign(&pSigner->m_message, INDEX_SIGNATURE,
+ pSigner->m_pkey, pbToSign, cbToSign, perr))
+ goto errorReturn;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
}
fRet = true;
errorReturn:
- if (pArray != NULL) COSE_FREE(pArray, context);
- if (pbToSign != NULL) COSE_FREE(pbToSign, context);
+ if (pArray != NULL)
+ COSE_FREE(pArray, context);
+ if (pbToSign != NULL)
+ COSE_FREE(pbToSign, context);
return fRet;
}
-bool COSE_Signer_SetKey(HCOSE_SIGNER h, const cn_cbor * pKey, cose_errback * perr)
+bool COSE_Signer_SetKey(HCOSE_SIGNER h, const cn_cbor *pKey, cose_errback *perr)
{
- COSE_SignerInfo * p;
+ COSE_SignerInfo *p;
bool fRet = false;
CHECK_CONDITION(IsValidSignerHandle(h), COSE_ERR_INVALID_HANDLE);
@@ -256,121 +315,158 @@
}
/*!
-* @brief Set the application external data for authentication
-*
-* Signer data objects support the authentication of external application
-* supplied data. This function is provided to supply that data to the library.
-*
-* The external data is not copied, nor will be it freed when the handle is released.
-*
-* @param hcose Handle for the COSE MAC data object
-* @param pbEternalData point to the external data
-* @param cbExternalData size of the external data
-* @param perr location to return errors
-* @return result of the operation.
-*/
+ * @brief Set the application external data for authentication
+ *
+ * Signer data objects support the authentication of external application
+ * supplied data. This function is provided to supply that data to the library.
+ *
+ * The external data is not copied, nor will be it freed when the handle is
+ * released.
+ *
+ * @param hcose Handle for the COSE MAC data object
+ * @param pbEternalData point to the external data
+ * @param cbExternalData size of the external data
+ * @param perr location to return errors
+ * @return result of the operation.
+ */
-bool COSE_Signer_SetExternal(HCOSE_SIGNER hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr)
+bool COSE_Signer_SetExternal(HCOSE_SIGNER hcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr)
{
if (!IsValidSignerHandle(hcose)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_HANDLE;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_HANDLE;
return false;
}
- return _COSE_SetExternal(&((COSE_SignerInfo *)hcose)->m_message, pbExternalData, cbExternalData, perr);
+ return _COSE_SetExternal(&((COSE_SignerInfo *)hcose)->m_message,
+ pbExternalData, cbExternalData, perr);
}
-
-bool _COSE_Signer_validate(COSE_SignMessage * pSign, COSE_SignerInfo * pSigner, const cn_cbor * pcborBody, const cn_cbor * pcborProtected, cose_errback * perr)
+bool _COSE_Signer_validate(COSE_SignMessage *pSign,
+ COSE_SignerInfo *pSigner,
+ const cn_cbor *pcborBody,
+ const cn_cbor *pcborProtected,
+ cose_errback *perr)
{
- byte * pbToBeSigned = NULL;
+ byte *pbToBeSigned = NULL;
int alg = 0;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pSign->m_message.m_allocContext;
+ cn_cbor_context *context = &pSign->m_message.m_allocContext;
#else
UNUSED(pSign);
#endif
size_t cbToBeSigned;
bool fRet = false;
- const cn_cbor * cn = _COSE_map_get_int(&pSigner->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
- if (cn == NULL) goto errorReturn;
+ const cn_cbor *cn = _COSE_map_get_int(
+ &pSigner->m_message, COSE_Header_Algorithm, COSE_BOTH, perr);
+ if (cn == NULL)
+ goto errorReturn;
if (cn->type == CN_CBOR_TEXT) {
FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- }
- else {
- CHECK_CONDITION((cn->type == CN_CBOR_UINT || cn->type == CN_CBOR_INT), COSE_ERR_INVALID_PARAMETER);
+ } else {
+ CHECK_CONDITION((cn->type == CN_CBOR_UINT || cn->type == CN_CBOR_INT),
+ COSE_ERR_INVALID_PARAMETER);
alg = (int)cn->v.sint;
}
// Build protected headers
-
- cn_cbor * cnProtected = _COSE_arrayget_int(&pSigner->m_message, INDEX_PROTECTED);
- CHECK_CONDITION((cnProtected != NULL) && (cnProtected->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ cn_cbor *cnProtected =
+ _COSE_arrayget_int(&pSigner->m_message, INDEX_PROTECTED);
+ CHECK_CONDITION(
+ (cnProtected != NULL) && (cnProtected->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
// Build authenticated data
- if (!BuildToBeSigned(&pbToBeSigned, &cbToBeSigned, pcborBody, pcborProtected, cnProtected, pSigner->m_message.m_pbExternal, pSigner->m_message.m_cbExternal, CBOR_CONTEXT_PARAM_COMMA perr)) goto errorReturn;
+ if (!BuildToBeSigned(&pbToBeSigned, &cbToBeSigned, pcborBody,
+ pcborProtected, cnProtected, pSigner->m_message.m_pbExternal,
+ pSigner->m_message.m_cbExternal, CBOR_CONTEXT_PARAM_COMMA perr))
+ goto errorReturn;
- cn_cbor * cnSignature = _COSE_arrayget_int(&pSigner->m_message, INDEX_SIGNATURE);
- CHECK_CONDITION((cnSignature != NULL) && (cnSignature->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ cn_cbor *cnSignature =
+ _COSE_arrayget_int(&pSigner->m_message, INDEX_SIGNATURE);
+ CHECK_CONDITION(
+ (cnSignature != NULL) && (cnSignature->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
switch (alg) {
#ifdef USE_ECDSA_SHA_256
- case COSE_Algorithm_ECDSA_SHA_256:
- if (!ECDSA_Verify(&pSigner->m_message, INDEX_SIGNATURE, pSigner->m_pkey, 256, pbToBeSigned, cbToBeSigned, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_256:
+ if (!ECDSA_Verify(&pSigner->m_message, INDEX_SIGNATURE,
+ pSigner->m_pkey, 256, pbToBeSigned, cbToBeSigned, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDSA_SHA_384
- case COSE_Algorithm_ECDSA_SHA_384:
- if (!ECDSA_Verify(&pSigner->m_message, INDEX_SIGNATURE, pSigner->m_pkey, 384, pbToBeSigned, cbToBeSigned, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_384:
+ if (!ECDSA_Verify(&pSigner->m_message, INDEX_SIGNATURE,
+ pSigner->m_pkey, 384, pbToBeSigned, cbToBeSigned, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_ECDSA_SHA_512
- case COSE_Algorithm_ECDSA_SHA_512:
- if (!ECDSA_Verify(&pSigner->m_message, INDEX_SIGNATURE, pSigner->m_pkey, 512, pbToBeSigned, cbToBeSigned, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_ECDSA_SHA_512:
+ if (!ECDSA_Verify(&pSigner->m_message, INDEX_SIGNATURE,
+ pSigner->m_pkey, 512, pbToBeSigned, cbToBeSigned, perr))
+ goto errorReturn;
+ break;
#endif
#ifdef USE_EDDSA
- case COSE_Algorithm_EdDSA:
- if (!EdDSA_Verify(&pSigner->m_message, INDEX_SIGNATURE, pSigner->m_pkey, pbToBeSigned, cbToBeSigned, perr)) goto errorReturn;
- break;
+ case COSE_Algorithm_EdDSA:
+ if (!EdDSA_Verify(&pSigner->m_message, INDEX_SIGNATURE,
+ pSigner->m_pkey, pbToBeSigned, cbToBeSigned, perr))
+ goto errorReturn;
+ break;
#endif
- default:
- FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
+ break;
}
fRet = true;
errorReturn:
- if (pbToBeSigned != NULL) COSE_FREE(pbToBeSigned, context);
+ if (pbToBeSigned != NULL)
+ COSE_FREE(pbToBeSigned, context);
return fRet;
}
-cn_cbor * COSE_Signer_map_get_int(HCOSE_SIGNER h, int key, int flags, cose_errback * perr)
+cn_cbor *COSE_Signer_map_get_int(HCOSE_SIGNER h,
+ int key,
+ int flags,
+ cose_errback *perr)
{
if (!IsValidSignerHandle(h)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_HANDLE;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_HANDLE;
return NULL;
}
return _COSE_map_get_int((COSE *)h, key, flags, perr);
}
-bool COSE_Signer_map_put_int(HCOSE_SIGNER h, int key, cn_cbor * value, int flags, cose_errback * perr)
+bool COSE_Signer_map_put_int(HCOSE_SIGNER h,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *perr)
{
CHECK_CONDITION(IsValidSignerHandle(h), COSE_ERR_INVALID_HANDLE);
CHECK_CONDITION(value != NULL, COSE_ERR_INVALID_PARAMETER);
- return _COSE_map_put(&((COSE_SignerInfo *)h)->m_message, key, value, flags, perr);
+ return _COSE_map_put(
+ &((COSE_SignerInfo *)h)->m_message, key, value, flags, perr);
errorReturn:
return false;
diff --git a/src/bcrypt.c b/src/bcrypt.c
index d38bff0..1b22041 100644
--- a/src/bcrypt.c
+++ b/src/bcrypt.c
@@ -7,36 +7,48 @@
#include <Windows.h>
-bool AES_CCM_Encrypt(COSE_Encrypt * pcose, int TSize, int LSize, int KSize, byte * pbAuthData, int cbAuthData)
+bool AES_CCM_Encrypt(COSE_Encrypt *pcose,
+ int TSize,
+ int LSize,
+ int KSize,
+ byte *pbAuthData,
+ int cbAuthData)
{
NTSTATUS err;
BCRYPT_ALG_HANDLE hAlg = NULL;
- BCRYPT_KEY_DATA_BLOB_HEADER * pHdr = NULL;
+ BCRYPT_KEY_DATA_BLOB_HEADER *pHdr = NULL;
BCRYPT_KEY_HANDLE hKey = NULL;
- BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO authInfo = { 0 };
+ BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO authInfo = {0};
byte rgbTag[16];
int cbOut;
- byte * pbOut = NULL;
+ byte *pbOut = NULL;
err = BCryptOpenAlgorithmProvider(&hAlg, "AES_CCM", NULL, 0);
if (err != 0) {
error:
- if (pbOut != NULL) free(pbOut);
- if (pHdr != NULL) free(pHdr);
- if (hKey != NULL) BCryptDestroyKey(hKey);
- if (hAlg != NULL) BCryptCloseAlgorithmProvider(hAlg, 0);
+ if (pbOut != NULL)
+ free(pbOut);
+ if (pHdr != NULL)
+ free(pHdr);
+ if (hKey != NULL)
+ BCryptDestroyKey(hKey);
+ if (hAlg != NULL)
+ BCryptCloseAlgorithmProvider(hAlg, 0);
return false;
}
pHdr = (BCRYPT_KEY_DATA_BLOB_HEADER *)malloc(sizeof(*pHdr) + KSize / 8);
- if (pHdr == NULL) goto error;
+ if (pHdr == NULL)
+ goto error;
pHdr->dwMagic = BCRYPT_KEY_DATA_BLOB_MAGIC;
pHdr->dwVersion = BCRYPT_KEY_DATA_BLOB_VERSION1;
pHdr->cbKeyData = KSize / 8;
memcpy(&pHdr[1], pcose->pbKey, pcose->cbKey);
- err = BCryptImportKey(hAlg, NULL, BCRYPT_KEY_DATA_BLOB, &hKey, NULL, 0, pHdr, (sizeof(*pHdr) + KSize / 8), 0);
- if (err != 0) goto error;
+ err = BCryptImportKey(hAlg, NULL, BCRYPT_KEY_DATA_BLOB, &hKey, NULL, 0,
+ pHdr, (sizeof(*pHdr) + KSize / 8), 0);
+ if (err != 0)
+ goto error;
BCRYPT_INIT_AUTH_MODE_INFO(authInfo);
authInfo.pbNonce = pcose->pbIV;
@@ -49,16 +61,20 @@
cbOut = pcose->cbContent + TSize / 8;
pbOut = (byte *)malloc(cbOut);
- if (pbOut == NULL) goto error;
+ if (pbOut == NULL)
+ goto error;
- err = BCryptEncrypt(hKey, pcose->pbContent, pcose->cbContent, &authInfo, NULL, 0, pbOut, cbOut, 0, 0);
- if (err != 0) goto error;
+ err = BCryptEncrypt(hKey, pcose->pbContent, pcose->cbContent, &authInfo,
+ NULL, 0, pbOut, cbOut, 0, 0);
+ if (err != 0)
+ goto error;
memcpy(&pbOut[pcose->cbContent], rgbTag, TSize / 8);
- cn_cbor_mapput_int(pcose->m_message.m_cbor, COSE_Header_Ciphertext, cn_cbor_data_create(pbOut, cbOut, NULL), NULL);
+ cn_cbor_mapput_int(pcose->m_message.m_cbor, COSE_Header_Ciphertext,
+ cn_cbor_data_create(pbOut, cbOut, NULL), NULL);
return true;
}
-#endif // USE_BCRYPT
\ No newline at end of file
+#endif // USE_BCRYPT
\ No newline at end of file
diff --git a/src/cbor.c b/src/cbor.c
index abaf47c..54511bb 100644
--- a/src/cbor.c
+++ b/src/cbor.c
@@ -4,22 +4,30 @@
#include <memory.h>
#endif
-#define INIT_CB(v) \
- if (errp) {errp->err = CN_CBOR_NO_ERROR;} \
- (v) = CN_CALLOC_CONTEXT(); \
- if (!(v)) { if (errp) {errp->err = CN_CBOR_ERR_OUT_OF_MEMORY;} return false; }
+#define INIT_CB(v) \
+ if (errp) { \
+ errp->err = CN_CBOR_NO_ERROR; \
+ } \
+ (v) = CN_CALLOC_CONTEXT(); \
+ if (!(v)) { \
+ if (errp) { \
+ errp->err = CN_CBOR_ERR_OUT_OF_MEMORY; \
+ } \
+ return false; \
+ }
#ifdef USE_CBOR_CONTEXT
#define CBOR_CONTEXT_PARAM , context
-#define CN_CALLOC(ctx) ((ctx) && (ctx)->calloc_func) ? \
- (ctx)->calloc_func(1, sizeof(cn_cbor), (ctx)->context) : \
- calloc(1, sizeof(cn_cbor));
+#define CN_CALLOC(ctx) \
+ ((ctx) && (ctx)->calloc_func) \
+ ? (ctx)->calloc_func(1, sizeof(cn_cbor), (ctx)->context) \
+ : calloc(1, sizeof(cn_cbor));
#define CN_CALLOC_CONTEXT() CN_CALLOC(context)
-#define CN_CBOR_CALLOC(c, i, ctx) ((ctx) && (ctx)->calloc_func) ? \
- (ctx)->calloc_func(c, i, (ctx)->context) : \
- calloc(c, i)
+#define CN_CBOR_CALLOC(c, i, ctx) \
+ ((ctx) && (ctx)->calloc_func) ? (ctx)->calloc_func(c, i, (ctx)->context) \
+ : calloc(c, i)
#else
#define CBOR_CONTEXT_PARAM
#define CN_CALLOC(ctx) calloc(1, sizeof(cn_cbor));
@@ -27,27 +35,30 @@
#define CN_CBOR_CALLOC(c, i, ctx) calloc(c, i);
#endif
-
/***
-* Replace the i-th element in the array.
-* Extend the array if necessary so it has enough elements.
-*
-* @param[in] cn_cbor * Array to use
-* @param[in] const cn_cbor * New item to be placed in the array
-* @param[in] int Zero based index to be used
-* @param[in] context * Context based allocation structure
-* @param[in,out] cn_cbor_errback * CBOR error return on failure
-* returns bool Did we succeed?
-*/
+ * Replace the i-th element in the array.
+ * Extend the array if necessary so it has enough elements.
+ *
+ * @param[in] cn_cbor * Array to use
+ * @param[in] const cn_cbor * New item to be placed in the array
+ * @param[in] int Zero based index to be used
+ * @param[in] context * Context based allocation structure
+ * @param[in,out] cn_cbor_errback * CBOR error return on failure
+ * returns bool Did we succeed?
+ */
-bool cn_cbor_array_replace(cn_cbor * cb_array, cn_cbor * cb_value, int index, CBOR_CONTEXT_COMMA cn_cbor_errback *errp)
+bool cn_cbor_array_replace(cn_cbor *cb_array,
+ cn_cbor *cb_value,
+ int index,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *errp)
{
int i;
- cn_cbor * cb_temp;
- cn_cbor * cb_temp2;
+ cn_cbor *cb_temp;
+ cn_cbor *cb_temp2;
if (!cb_array || !cb_value || cb_array->type != CN_CBOR_ARRAY) {
- if (errp != NULL) errp->err = CN_CBOR_ERR_INVALID_PARAMETER;
+ if (errp != NULL)
+ errp->err = CN_CBOR_ERR_INVALID_PARAMETER;
return false;
}
@@ -114,44 +125,52 @@
return true;
}
-cn_cbor * cn_cbor_clone(const cn_cbor * pIn, CBOR_CONTEXT_COMMA cn_cbor_errback * pcn_cbor_error)
+cn_cbor *cn_cbor_clone(const cn_cbor *pIn,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *pcn_cbor_error)
{
- cn_cbor * pOut = NULL;
- char * sz;
- unsigned char * pb;
+ cn_cbor *pOut = NULL;
+ char *sz;
+ unsigned char *pb;
switch (pIn->type) {
- case CN_CBOR_TEXT:
- sz = CN_CBOR_CALLOC(pIn->length + 1, 1, context);
- if (sz == NULL) return NULL;
- memcpy(sz, pIn->v.str, pIn->length);
- sz[pIn->length] = 0;
- pOut = cn_cbor_string_create(sz CBOR_CONTEXT_PARAM, pcn_cbor_error);
- break;
+ case CN_CBOR_TEXT:
+ sz = CN_CBOR_CALLOC(pIn->length + 1, 1, context);
+ if (sz == NULL)
+ return NULL;
+ memcpy(sz, pIn->v.str, pIn->length);
+ sz[pIn->length] = 0;
+ pOut = cn_cbor_string_create(sz CBOR_CONTEXT_PARAM, pcn_cbor_error);
+ break;
- case CN_CBOR_UINT:
- pOut = cn_cbor_int_create(pIn->v.sint CBOR_CONTEXT_PARAM, pcn_cbor_error);
- break;
+ case CN_CBOR_UINT:
+ pOut = cn_cbor_int_create(
+ pIn->v.sint CBOR_CONTEXT_PARAM, pcn_cbor_error);
+ break;
- case CN_CBOR_BYTES:
- pb = CN_CBOR_CALLOC((int) pIn->length, 1, context);
- if (pb == NULL) return NULL;
- memcpy(pb, pIn->v.bytes, pIn->length);
- pOut = cn_cbor_data_create(pb, (int) pIn->length CBOR_CONTEXT_PARAM, pcn_cbor_error);
- break;
+ case CN_CBOR_BYTES:
+ pb = CN_CBOR_CALLOC((int)pIn->length, 1, context);
+ if (pb == NULL)
+ return NULL;
+ memcpy(pb, pIn->v.bytes, pIn->length);
+ pOut = cn_cbor_data_create(
+ pb, (int)pIn->length CBOR_CONTEXT_PARAM, pcn_cbor_error);
+ break;
- default:
- break;
+ default:
+ break;
}
return pOut;
}
-cn_cbor * cn_cbor_tag_create(int tag, cn_cbor * child, CBOR_CONTEXT_COMMA cn_cbor_errback * perr)
+cn_cbor *cn_cbor_tag_create(int tag,
+ cn_cbor *child,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *perr)
{
- cn_cbor * pcnTag = CN_CALLOC(context);
+ cn_cbor *pcnTag = CN_CALLOC(context);
if (pcnTag == NULL) {
- if (perr != NULL) perr->err = CN_CBOR_ERR_OUT_OF_MEMORY;
+ if (perr != NULL)
+ perr->err = CN_CBOR_ERR_OUT_OF_MEMORY;
return NULL;
}
@@ -163,11 +182,13 @@
return pcnTag;
}
-cn_cbor * cn_cbor_bool_create(int boolValue, CBOR_CONTEXT_COMMA cn_cbor_errback * errp)
+cn_cbor *cn_cbor_bool_create(int boolValue,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *errp)
{
- cn_cbor * pcn = CN_CALLOC(context);
+ cn_cbor *pcn = CN_CALLOC(context);
if (pcn == NULL) {
- if (errp != NULL) errp->err = CN_CBOR_ERR_OUT_OF_MEMORY;
+ if (errp != NULL)
+ errp->err = CN_CBOR_ERR_OUT_OF_MEMORY;
return NULL;
}
@@ -175,18 +196,19 @@
return pcn;
}
-cn_cbor * cn_cbor_null_create(CBOR_CONTEXT_COMMA cn_cbor_errback * errp)
+cn_cbor *cn_cbor_null_create(CBOR_CONTEXT_COMMA cn_cbor_errback *errp)
{
- cn_cbor * pcn = CN_CALLOC(context);
+ cn_cbor *pcn = CN_CALLOC(context);
if (pcn == NULL) {
- if (errp != NULL) errp->err = CN_CBOR_ERR_OUT_OF_MEMORY;
+ if (errp != NULL)
+ errp->err = CN_CBOR_ERR_OUT_OF_MEMORY;
return NULL;
}
pcn->type = CN_CBOR_NULL;
return pcn;
}
-size_t cn_cbor_encode_size(cn_cbor * object)
+size_t cn_cbor_encode_size(cn_cbor *object)
{
ssize_t size = cn_cbor_encoder_write(NULL, 0, 0, object);
return size >= 0 ? size : 0;
diff --git a/src/cose_int.h b/src/cose_int.h
index 97b5404..4e3b14a 100644
--- a/src/cose_int.h
+++ b/src/cose_int.h
@@ -13,31 +13,31 @@
typedef struct _COSE_COUNTER_SIGN COSE_CounterSign;
#endif
-#define UNUSED(x) ((void) (x))
+#define UNUSED(x) ((void)(x))
#ifndef _countof
-#define _countof(x) (sizeof(x)/sizeof(x[0]))
+#define _countof(x) (sizeof(x) / sizeof(x[0]))
#endif
typedef struct _COSE {
- COSE_INIT_FLAGS m_flags; // Not sure what goes here yet
- int m_ownMsg; // Do I own the pointer @ m_cbor?
- int m_ownUnprotectedMap; // Do I own the pointer @ m_unportectedMap?
- int m_msgType; // What message type is this?
- int m_refCount; // Allocator Reference Counting.
- cn_cbor * m_cbor;
- cn_cbor * m_cborRoot;
- cn_cbor * m_protectedMap;
- cn_cbor * m_unprotectMap;
- cn_cbor * m_dontSendMap;
- const byte * m_pbExternal;
+ COSE_INIT_FLAGS m_flags; // Not sure what goes here yet
+ int m_ownMsg; // Do I own the pointer @ m_cbor?
+ int m_ownUnprotectedMap; // Do I own the pointer @ m_unportectedMap?
+ int m_msgType; // What message type is this?
+ int m_refCount; // Allocator Reference Counting.
+ cn_cbor *m_cbor;
+ cn_cbor *m_cborRoot;
+ cn_cbor *m_protectedMap;
+ cn_cbor *m_unprotectMap;
+ cn_cbor *m_dontSendMap;
+ const byte *m_pbExternal;
size_t m_cbExternal;
#ifdef USE_CBOR_CONTEXT
cn_cbor_context m_allocContext;
#endif
- struct _COSE * m_handleList;
+ struct _COSE *m_handleList;
#ifdef USE_COUNTER_SIGNATURES
- COSE_CounterSign * m_counterSigners;
+ COSE_CounterSign *m_counterSigners;
#endif
} COSE;
@@ -45,18 +45,18 @@
typedef struct _SignerInfo COSE_SignerInfo;
typedef struct {
- COSE m_message; // The message object
- COSE_SignerInfo * m_signerFirst;
+ COSE m_message; // The message object
+ COSE_SignerInfo *m_signerFirst;
} COSE_SignMessage;
typedef struct {
- COSE m_message; // The message object
+ COSE m_message; // The message object
} COSE_Sign1Message;
struct _SignerInfo {
COSE m_message;
- const cn_cbor * m_pkey;
- COSE_SignerInfo * m_signerNext;
+ const cn_cbor *m_pkey;
+ COSE_SignerInfo *m_signerNext;
};
struct _RecipientInfo;
@@ -68,27 +68,27 @@
const byte * pbContent;
size_t cbContent;
} COSE_Encrypt;
-#endif
+#endif
typedef struct {
- COSE m_message; // The message object
- const byte * pbContent;
+ COSE m_message; // The message object
+ const byte *pbContent;
size_t cbContent;
- COSE_RecipientInfo * m_recipientFirst;
+ COSE_RecipientInfo *m_recipientFirst;
} COSE_Enveloped;
typedef COSE_Enveloped COSE_Encrypt;
struct _RecipientInfo {
COSE_Enveloped m_encrypt;
- COSE_RecipientInfo * m_recipientNext;
- const cn_cbor * m_pkey;
- const cn_cbor * m_pkeyStatic;
+ COSE_RecipientInfo *m_recipientNext;
+ const cn_cbor *m_pkey;
+ const cn_cbor *m_pkeyStatic;
};
typedef struct {
- COSE m_message; // The message object
- COSE_RecipientInfo * m_recipientFirst;
+ COSE m_message; // The message object
+ COSE_RecipientInfo *m_recipientFirst;
} COSE_MacMessage;
#if 0
@@ -101,44 +101,46 @@
#ifdef USE_COUNTER_SIGNATURES
typedef struct _COSE_COUNTER_SIGN {
COSE_SignerInfo m_signer;
- COSE_CounterSign * m_next;
+ COSE_CounterSign *m_next;
} COSE_CounterSign;
#endif
#ifdef USE_CBOR_CONTEXT
/**
-* Allocate enough space for 1 `cn_cbor` structure.
-*
-* @param[in] ctx The allocation context, or NULL for calloc.
-* @return A pointer to a `cn_cbor` or NULL on failure
-*/
-#define CN_CALLOC(ctx) ((ctx) && (ctx)->calloc_func) ? \
- (ctx)->calloc_func(1, sizeof(cn_cbor), (ctx)->context) : \
- calloc(1, sizeof(cn_cbor));
+ * Allocate enough space for 1 `cn_cbor` structure.
+ *
+ * @param[in] ctx The allocation context, or NULL for calloc.
+ * @return A pointer to a `cn_cbor` or NULL on failure
+ */
+#define CN_CALLOC(ctx) \
+ ((ctx) && (ctx)->calloc_func) \
+ ? (ctx)->calloc_func(1, sizeof(cn_cbor), (ctx)->context) \
+ : calloc(1, sizeof(cn_cbor));
/**
-* Allocate space required
-*
-* @param[in] ctx The allocation context, or NULL for normal calloc.
-* @param[in] count Number of items to allocate
-* @param[in] size Size of item to allocate
-* @return A pointer to the object needed
-*/
-#define COSE_CALLOC(count, size, ctx) ((((ctx)) && ((ctx)->calloc_func)) ? \
- ((ctx)->calloc_func(count, size, (ctx)->context)) : \
- calloc(count, size))
+ * Allocate space required
+ *
+ * @param[in] ctx The allocation context, or NULL for normal calloc.
+ * @param[in] count Number of items to allocate
+ * @param[in] size Size of item to allocate
+ * @return A pointer to the object needed
+ */
+#define COSE_CALLOC(count, size, ctx) \
+ ((((ctx)) && ((ctx)->calloc_func)) \
+ ? ((ctx)->calloc_func(count, size, (ctx)->context)) \
+ : calloc(count, size))
/**
-* Free a
-* @param free_func [description]
-* @return [description]
-*/
-#define COSE_FREE(ptr, ctx) ((((ctx) && (ctx)->free_func)) ? \
- ((ctx)->free_func((ptr), (ctx)->context)) : \
- free((ptr)))
+ * Free a
+ * @param free_func [description]
+ * @return [description]
+ */
+#define COSE_FREE(ptr, ctx) \
+ ((((ctx) && (ctx)->free_func)) ? ((ctx)->free_func((ptr), (ctx)->context)) \
+ : free((ptr)))
#define CBOR_CONTEXT_PARAM , context
-#define CBOR_CONTEXT_PARAM_COMMA context ,
+#define CBOR_CONTEXT_PARAM_COMMA context,
//#define CN_CALLOC_CONTEXT() CN_CALLOC(context)
#define CN_CBOR_FREE(p, context) cn_cbor_free(p, context)
@@ -150,12 +152,9 @@
#define COSE_CALLOC(count, size, ctx) calloc(count, size)
#define CN_CBOR_FREE(p, context) cn_cbor_free(p)
-
-
#define COSE_FREE(ptr, ctx) free(ptr)
-#endif // USE_CBOR_CONTEXT
-
+#endif // USE_CBOR_CONTEXT
cose_error _MapFromCBOR(cn_cbor_errback err);
@@ -163,9 +162,9 @@
* Set of routines for handle checking
*/
-void _COSE_InsertInList(COSE ** rootNode, COSE * newMsg);
-bool _COSE_IsInList(const COSE *const rootNode, const COSE *const thisMsg);
-void _COSE_RemoveFromList(COSE ** rootNode, COSE * thisMsg);
+void _COSE_InsertInList(COSE **rootNode, COSE *newMsg);
+bool _COSE_IsInList(const COSE *const rootNode, const COSE *const thisMsg);
+void _COSE_RemoveFromList(COSE **rootNode, COSE *thisMsg);
bool IsValidEncryptHandle(HCOSE_ENCRYPT h);
bool IsValidEnvelopedHandle(HCOSE_ENVELOPED h);
@@ -173,81 +172,199 @@
bool IsValidSignerHandle(HCOSE_SIGNER h);
bool IsValidCounterSignHandle(HCOSE_COUNTERSIGN h);
-bool _COSE_Init(COSE_INIT_FLAGS flags, COSE * pcose, int msgType, CBOR_CONTEXT_COMMA cose_errback * errp);
-bool _COSE_Init_From_Object(COSE* pobj, cn_cbor * pcbor, CBOR_CONTEXT_COMMA cose_errback * perror);
-void _COSE_Release(COSE * pcose);
+bool _COSE_Init(COSE_INIT_FLAGS flags,
+ COSE *pcose,
+ int msgType,
+ CBOR_CONTEXT_COMMA cose_errback *errp);
+bool _COSE_Init_From_Object(COSE *pobj,
+ cn_cbor *pcbor,
+ CBOR_CONTEXT_COMMA cose_errback *perror);
+void _COSE_Release(COSE *pcose);
-cn_cbor * _COSE_map_get_string(COSE * cose, const char * key, int flags, cose_errback * errp);
-cn_cbor * _COSE_map_get_int(COSE * cose, int key, int flags, cose_errback * errp);
-bool _COSE_map_put(COSE * cose, int key, cn_cbor * value, int flags, cose_errback * errp);
+cn_cbor *_COSE_map_get_string(COSE *cose,
+ const char *key,
+ int flags,
+ cose_errback *errp);
+cn_cbor *_COSE_map_get_int(COSE *cose, int key, int flags, cose_errback *errp);
+bool _COSE_map_put(COSE *cose,
+ int key,
+ cn_cbor *value,
+ int flags,
+ cose_errback *errp);
-bool _COSE_SetExternal(COSE * hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
+bool _COSE_SetExternal(COSE *hcose,
+ const byte *pbExternalData,
+ size_t cbExternalData,
+ cose_errback *perr);
+HCOSE_ENVELOPED _COSE_Enveloped_Init_From_Object(cn_cbor *,
+ COSE_Enveloped *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *errp);
+void _COSE_Enveloped_Release(COSE_Enveloped *p);
+bool _COSE_Enveloped_decrypt(COSE_Enveloped *pcose,
+ COSE_RecipientInfo *pRecip,
+ const byte *pbKeyIn,
+ size_t cbKeyIn,
+ const char *szContext,
+ cose_errback *perr);
+bool _COSE_Enveloped_encrypt(COSE_Enveloped *pcose,
+ const byte *pbKeyIn,
+ size_t cbKeyIn,
+ const char *szContext,
+ cose_errback *perr);
+bool _COSE_Enveloped_SetContent(COSE_Enveloped *cose,
+ const byte *rgbContent,
+ size_t cbContent,
+ cose_errback *errp);
-HCOSE_ENVELOPED _COSE_Enveloped_Init_From_Object(cn_cbor *, COSE_Enveloped * pIn, CBOR_CONTEXT_COMMA cose_errback * errp);
-void _COSE_Enveloped_Release(COSE_Enveloped * p);
-bool _COSE_Enveloped_decrypt(COSE_Enveloped * pcose, COSE_RecipientInfo * pRecip, const byte *pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr);
-bool _COSE_Enveloped_encrypt(COSE_Enveloped * pcose, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr);
-bool _COSE_Enveloped_SetContent(COSE_Enveloped * cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
+HCOSE_ENCRYPT _COSE_Encrypt_Init_From_Object(cn_cbor *,
+ COSE_Encrypt *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *errp);
+void _COSE_Encrypt_Release(COSE_Encrypt *p);
+bool _COSE_Encrypt_SetContent(COSE_Encrypt *cose,
+ const byte *rgbContent,
+ size_t cbContent,
+ cose_errback *errp);
+bool _COSE_Encrypt_Build_AAD(COSE *pMessage,
+ byte **ppbAAD,
+ size_t *pcbAAD,
+ const char *szContext,
+ cose_errback *perr);
-HCOSE_ENCRYPT _COSE_Encrypt_Init_From_Object(cn_cbor *, COSE_Encrypt * pIn, CBOR_CONTEXT_COMMA cose_errback * errp);
-void _COSE_Encrypt_Release(COSE_Encrypt * p);
-bool _COSE_Encrypt_SetContent(COSE_Encrypt * cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
-bool _COSE_Encrypt_Build_AAD(COSE * pMessage, byte ** ppbAAD, size_t * pcbAAD, const char * szContext, cose_errback * perr);
-
-
-COSE_RecipientInfo * _COSE_Recipient_Init_From_Object(cn_cbor *, CBOR_CONTEXT_COMMA cose_errback * errp);
+COSE_RecipientInfo *_COSE_Recipient_Init_From_Object(cn_cbor *,
+ CBOR_CONTEXT_COMMA cose_errback *errp);
void _COSE_Recipient_Free(COSE_RecipientInfo *);
-bool _COSE_Recipient_decrypt(COSE_RecipientInfo * pRecip, COSE_RecipientInfo * pRecipUse, int algIn, size_t cbitKey, byte * pbKey, cose_errback * errp);
-bool _COSE_Recipient_encrypt(COSE_RecipientInfo * pRecipient, const byte * pbContent, size_t cbContent, cose_errback * perr);
-byte * _COSE_RecipientInfo_generateKey(COSE_RecipientInfo * pRecipient, int algIn, size_t cbitKeySize, cose_errback * perr);
-
+bool _COSE_Recipient_decrypt(COSE_RecipientInfo *pRecip,
+ COSE_RecipientInfo *pRecipUse,
+ int algIn,
+ size_t cbitKey,
+ byte *pbKey,
+ cose_errback *errp);
+bool _COSE_Recipient_encrypt(COSE_RecipientInfo *pRecipient,
+ const byte *pbContent,
+ size_t cbContent,
+ cose_errback *perr);
+byte *_COSE_RecipientInfo_generateKey(COSE_RecipientInfo *pRecipient,
+ int algIn,
+ size_t cbitKeySize,
+ cose_errback *perr);
// Signed items
-HCOSE_SIGN _COSE_Sign_Init_From_Object(cn_cbor *, COSE_SignMessage * pIn, CBOR_CONTEXT_COMMA cose_errback * errp);
-void _COSE_Sign_Release(COSE_SignMessage * p);
+HCOSE_SIGN _COSE_Sign_Init_From_Object(cn_cbor *,
+ COSE_SignMessage *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *errp);
+void _COSE_Sign_Release(COSE_SignMessage *p);
// Signer items
-bool _COSE_SignerInfo_Init(COSE_INIT_FLAGS flags, COSE_SignerInfo * pcose, int msgType, CBOR_CONTEXT_COMMA cose_errback * errp);
-bool _COSE_Signer_sign(COSE_SignerInfo * pSigner, const cn_cbor * pcborBody, const cn_cbor * pcborProtected, cose_errback * perr);
-COSE_SignerInfo * _COSE_SignerInfo_Init_From_Object(cn_cbor * cbor, COSE_SignerInfo * pIn, CBOR_CONTEXT_COMMA cose_errback * perr);
-bool _COSE_SignerInfo_Free(COSE_SignerInfo * pSigner);
-bool _COSE_Signer_validate(COSE_SignMessage * pSign, COSE_SignerInfo * pSigner, const cn_cbor * pbContent, const cn_cbor * pbProtected, cose_errback * perr);
-
+bool _COSE_SignerInfo_Init(COSE_INIT_FLAGS flags,
+ COSE_SignerInfo *pcose,
+ int msgType,
+ CBOR_CONTEXT_COMMA cose_errback *errp);
+bool _COSE_Signer_sign(COSE_SignerInfo *pSigner,
+ const cn_cbor *pcborBody,
+ const cn_cbor *pcborProtected,
+ cose_errback *perr);
+COSE_SignerInfo *_COSE_SignerInfo_Init_From_Object(cn_cbor *cbor,
+ COSE_SignerInfo *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr);
+bool _COSE_SignerInfo_Free(COSE_SignerInfo *pSigner);
+bool _COSE_Signer_validate(COSE_SignMessage *pSign,
+ COSE_SignerInfo *pSigner,
+ const cn_cbor *pbContent,
+ const cn_cbor *pbProtected,
+ cose_errback *perr);
// Sign1 items
-HCOSE_SIGN1 _COSE_Sign1_Init_From_Object(cn_cbor * cbor, COSE_Sign1Message * pIn, CBOR_CONTEXT_COMMA cose_errback * perr);
-void _COSE_Sign1_Release(COSE_Sign1Message * p);
+HCOSE_SIGN1 _COSE_Sign1_Init_From_Object(cn_cbor *cbor,
+ COSE_Sign1Message *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *perr);
+void _COSE_Sign1_Release(COSE_Sign1Message *p);
// Mac-ed items
-HCOSE_MAC _COSE_Mac_Init_From_Object(cn_cbor *, COSE_MacMessage * pIn, CBOR_CONTEXT_COMMA cose_errback * errp);
-bool _COSE_Mac_Release(COSE_MacMessage * p);
-bool _COSE_Mac_Build_AAD(COSE * pCose, const char * szContext, byte ** ppbAuthData, size_t * pcbAuthData, CBOR_CONTEXT_COMMA cose_errback * perr);
-bool _COSE_Mac_compute(COSE_MacMessage * pcose, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr);
-bool _COSE_Mac_validate(COSE_MacMessage * pcose, COSE_RecipientInfo * pRecip, const byte * pbKeyIn, size_t cbKeyIn, const char * szContext, cose_errback * perr);
+HCOSE_MAC _COSE_Mac_Init_From_Object(cn_cbor *,
+ COSE_MacMessage *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *errp);
+bool _COSE_Mac_Release(COSE_MacMessage *p);
+bool _COSE_Mac_Build_AAD(COSE *pCose,
+ const char *szContext,
+ byte **ppbAuthData,
+ size_t *pcbAuthData,
+ CBOR_CONTEXT_COMMA cose_errback *perr);
+bool _COSE_Mac_compute(COSE_MacMessage *pcose,
+ const byte *pbKeyIn,
+ size_t cbKeyIn,
+ const char *szContext,
+ cose_errback *perr);
+bool _COSE_Mac_validate(COSE_MacMessage *pcose,
+ COSE_RecipientInfo *pRecip,
+ const byte *pbKeyIn,
+ size_t cbKeyIn,
+ const char *szContext,
+ cose_errback *perr);
// MAC0 Items
-HCOSE_MAC0 _COSE_Mac0_Init_From_Object(cn_cbor *, COSE_Mac0Message * pIn, CBOR_CONTEXT_COMMA cose_errback * errp);
-bool _COSE_Mac0_Release(COSE_Mac0Message * p);
+HCOSE_MAC0 _COSE_Mac0_Init_From_Object(cn_cbor *,
+ COSE_Mac0Message *pIn,
+ CBOR_CONTEXT_COMMA cose_errback *errp);
+bool _COSE_Mac0_Release(COSE_Mac0Message *p);
// Counter Sign Items
-HCOSE_COUNTERSIGN _COSE_CounterSign_get(COSE * pMessage, int iSigner, cose_errback * perr);
-bool _COSE_CounterSign_add(COSE * pMessage, HCOSE_COUNTERSIGN hSigner, cose_errback * perr);
-bool _COSE_CountSign_create(COSE * pMessage, cn_cbor * pcnBody, CBOR_CONTEXT_COMMA cose_errback * perr);
+HCOSE_COUNTERSIGN _COSE_CounterSign_get(COSE *pMessage,
+ int iSigner,
+ cose_errback *perr);
+bool _COSE_CounterSign_add(COSE *pMessage,
+ HCOSE_COUNTERSIGN hSigner,
+ cose_errback *perr);
+bool _COSE_CountSign_create(COSE *pMessage,
+ cn_cbor *pcnBody,
+ CBOR_CONTEXT_COMMA cose_errback *perr);
//
// Debugging Items
//#define DO_ASSERT assert(false);
#define DO_ASSERT
-#define CHECK_CONDITION(condition, error) { if (!(condition)) { DO_ASSERT; if (perr != NULL) {perr->err = error;} goto errorReturn;}}
-#define CHECK_CONDITION0(condition, error) { if ((condition)) { DO_ASSERT; if (perr != NULL) {perr->err = error;} goto errorReturn;}}
-#define FAIL_CONDITION(error) { DO_ASSERT; if (perr != NULL) {perr->err = error;} goto errorReturn;}
-#define CHECK_CONDITION_CBOR(condition, error) { if (!(condition)) { DO_ASSERT; if (perr != NULL) {perr->err = _MapFromCBOR(error);} goto errorReturn;}}
+#define CHECK_CONDITION(condition, error) \
+ { \
+ if (!(condition)) { \
+ DO_ASSERT; \
+ if (perr != NULL) { \
+ perr->err = error; \
+ } \
+ goto errorReturn; \
+ } \
+ }
+#define CHECK_CONDITION0(condition, error) \
+ { \
+ if ((condition)) { \
+ DO_ASSERT; \
+ if (perr != NULL) { \
+ perr->err = error; \
+ } \
+ goto errorReturn; \
+ } \
+ }
+#define FAIL_CONDITION(error) \
+ { \
+ DO_ASSERT; \
+ if (perr != NULL) { \
+ perr->err = error; \
+ } \
+ goto errorReturn; \
+ }
+#define CHECK_CONDITION_CBOR(condition, error) \
+ { \
+ if (!(condition)) { \
+ DO_ASSERT; \
+ if (perr != NULL) { \
+ perr->err = _MapFromCBOR(error); \
+ } \
+ goto errorReturn; \
+ } \
+ }
-cn_cbor * _COSE_encode_protected(COSE * pMessage, cose_errback * perr);
-
+cn_cbor *_COSE_encode_protected(COSE *pMessage, cose_errback *perr);
//// Defines on positions
@@ -270,20 +387,23 @@
#define COSE_Header_Signature 94
#define COSE_Header_Signers 93
-
-bool _COSE_array_replace(COSE * pMessage, cn_cbor * cb_value, int index, CBOR_CONTEXT_COMMA cn_cbor_errback * errp);
-cn_cbor * _COSE_arrayget_int(COSE * pMessage, int index);
+bool _COSE_array_replace(COSE *pMessage,
+ cn_cbor *cb_value,
+ int index,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *errp);
+cn_cbor *_COSE_arrayget_int(COSE *pMessage, int index);
/// NEW CBOR FUNCTIONS
-bool cn_cbor_array_replace(cn_cbor * cb_array, cn_cbor * cb_value, int index, CBOR_CONTEXT_COMMA cn_cbor_errback *errp);
-cn_cbor * cn_cbor_bool_create(int boolValue, CBOR_CONTEXT_COMMA cn_cbor_errback * errp);
+bool cn_cbor_array_replace(cn_cbor *cb_array,
+ cn_cbor *cb_value,
+ int index,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *errp);
+cn_cbor *cn_cbor_bool_create(int boolValue,
+ CBOR_CONTEXT_COMMA cn_cbor_errback *errp);
-size_t cn_cbor_encode_size(cn_cbor * object);
+size_t cn_cbor_encode_size(cn_cbor *object);
-enum {
- COSE_Int_Alg_AES_CBC_MAC_256_64 = -22
-};
-
+enum { COSE_Int_Alg_AES_CBC_MAC_256_64 = -22 };
#define COSE_CounterSign_object 1000
diff --git a/src/crypto.h b/src/crypto.h
index 2585bc9..3f34ed5 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -14,70 +14,191 @@
* @param[in] int Size of authenticated data structure
* @return Did the function succeed?
*/
-bool AES_CCM_Decrypt(COSE_Enveloped * pcose, int TSize, int LSize, const byte * pbKey, size_t cbitKey, const byte * pbCrypto, size_t cbCrypto, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
-bool AES_GCM_Decrypt(COSE_Enveloped * pcose, const byte * pbKey, size_t cbKey, const byte * pbCrypto, size_t cbCrypto, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
-bool AES_KW_Decrypt(COSE_Enveloped * pcose, const byte * pbKeyIn, size_t cbitKey, const byte * pbCipherText, size_t cbCipherText, byte * pbKeyOut, int * pcbKeyOut, cose_errback * perr);
+bool AES_CCM_Decrypt(COSE_Enveloped* pcose,
+ int TSize,
+ int LSize,
+ const byte* pbKey,
+ size_t cbitKey,
+ const byte* pbCrypto,
+ size_t cbCrypto,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
+bool AES_GCM_Decrypt(COSE_Enveloped* pcose,
+ const byte* pbKey,
+ size_t cbKey,
+ const byte* pbCrypto,
+ size_t cbCrypto,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
+bool AES_KW_Decrypt(COSE_Enveloped* pcose,
+ const byte* pbKeyIn,
+ size_t cbitKey,
+ const byte* pbCipherText,
+ size_t cbCipherText,
+ byte* pbKeyOut,
+ int* pcbKeyOut,
+ cose_errback* perr);
/**
-* Perform an AES-CCM Encryption operation
-*
-* @param[in] COSE_Enveloped Pointer to COSE Encryption context object
-* @param[in] int Size of the Tag value to be create
-* @param[in] int Size of the Message Length field
-* @param[in] byte * Pointer to authenticated data structure
-* @param[in] int Size of authenticated data structure
-* @return Did the function succeed?
-*/
-bool AES_CCM_Encrypt(COSE_Enveloped * pcose, int TSize, int LSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
-bool AES_GCM_Encrypt(COSE_Enveloped * pcose, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
-bool AES_KW_Encrypt(COSE_RecipientInfo * pcose, const byte * pbKeyIn, int cbitKey, const byte * pbContent, int cbContent, cose_errback * perr);
+ * Perform an AES-CCM Encryption operation
+ *
+ * @param[in] COSE_Enveloped Pointer to COSE Encryption context object
+ * @param[in] int Size of the Tag value to be create
+ * @param[in] int Size of the Message Length field
+ * @param[in] byte * Pointer to authenticated data structure
+ * @param[in] int Size of authenticated data structure
+ * @return Did the function succeed?
+ */
+bool AES_CCM_Encrypt(COSE_Enveloped* pcose,
+ int TSize,
+ int LSize,
+ const byte* pbKey,
+ size_t cbKey,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
+bool AES_GCM_Encrypt(COSE_Enveloped* pcose,
+ const byte* pbKey,
+ size_t cbKey,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
+bool AES_KW_Encrypt(COSE_RecipientInfo* pcose,
+ const byte* pbKeyIn,
+ int cbitKey,
+ const byte* pbContent,
+ int cbContent,
+ cose_errback* perr);
-
-bool AES_CMAC_Validate(COSE_MacMessage * pcose, int KeySize, int TagSize, const byte * pbKey, int cbitKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
-bool AES_CBC_MAC_Create(COSE_MacMessage * pcose, int TagSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
-bool AES_CBC_MAC_Validate(COSE_MacMessage * pcose, int TagSize, const byte * pbKey, size_t cbitKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
+bool AES_CMAC_Validate(COSE_MacMessage* pcose,
+ int KeySize,
+ int TagSize,
+ const byte* pbKey,
+ int cbitKey,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
+bool AES_CBC_MAC_Create(COSE_MacMessage* pcose,
+ int TagSize,
+ const byte* pbKey,
+ size_t cbKey,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
+bool AES_CBC_MAC_Validate(COSE_MacMessage* pcose,
+ int TagSize,
+ const byte* pbKey,
+ size_t cbitKey,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
/**
-* Perform an HMAC Creation operation
-*
-* @param[in] COSE_Enveloped Pointer to COSE Encryption context object
-* @param[in] int Hash function to be used
-* @param[in] int Size of Tag value to be created
-* @param[in] byte * Pointer to authenticated data structure
-* @param[in] int Size of authenticated data structure
-* @param[in] cose_errback * Error return location
-* @return Did the function succeed?
-*/
-bool HMAC_Create(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
-bool HMAC_Validate(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbitKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr);
+ * Perform an HMAC Creation operation
+ *
+ * @param[in] COSE_Enveloped Pointer to COSE Encryption context object
+ * @param[in] int Hash function to be used
+ * @param[in] int Size of Tag value to be created
+ * @param[in] byte * Pointer to authenticated data structure
+ * @param[in] int Size of authenticated data structure
+ * @param[in] cose_errback * Error return location
+ * @return Did the function succeed?
+ */
+bool HMAC_Create(COSE_MacMessage* pcose,
+ int HSize,
+ int TSize,
+ const byte* pbKey,
+ size_t cbKey,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
+bool HMAC_Validate(COSE_MacMessage* pcose,
+ int HSize,
+ int TSize,
+ const byte* pbKey,
+ size_t cbitKey,
+ const byte* pbAuthData,
+ size_t cbAuthData,
+ cose_errback* perr);
-bool HKDF_Extract(COSE * pcose, const byte * pbKey, size_t cbKey, size_t cbitDigest, byte * rgbDigest, size_t * pcbDigest, CBOR_CONTEXT_COMMA cose_errback * perr);
-bool HKDF_Expand(COSE * pcose, size_t cbitDigest, const byte * pbPRK, size_t cbPRK, const byte * pbInfo, size_t cbInfo, byte * pbOutput, size_t cbOutput, cose_errback * perr);
+bool HKDF_Extract(COSE* pcose,
+ const byte* pbKey,
+ size_t cbKey,
+ size_t cbitDigest,
+ byte* rgbDigest,
+ size_t* pcbDigest,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
+bool HKDF_Expand(COSE* pcose,
+ size_t cbitDigest,
+ const byte* pbPRK,
+ size_t cbPRK,
+ const byte* pbInfo,
+ size_t cbInfo,
+ byte* pbOutput,
+ size_t cbOutput,
+ cose_errback* perr);
-bool HKDF_AES_Expand(COSE * pcose, size_t cbitKey, const byte * pbPRK, size_t cbPRK, const byte * pbInfo, size_t cbInfo, byte * pbOutput, size_t cbOutput, cose_errback * perr);
+bool HKDF_AES_Expand(COSE* pcose,
+ size_t cbitKey,
+ const byte* pbPRK,
+ size_t cbPRK,
+ const byte* pbInfo,
+ size_t cbInfo,
+ byte* pbOutput,
+ size_t cbOutput,
+ cose_errback* perr);
/**
-* Perform a signature operation
-*
-* @param[in] COSE_SignerInfo Pointer to COSE SignerInfo context object
-* @param[in] byte * Pointer to text to be signed
-* @param[in] size_t size of text to be signed
-* @param[in] cose_errback * Error return location
-* @return Did the function succeed?
-*/
-bool ECDSA_Sign(COSE * pSigner, int index, const cn_cbor * pKey, int cbitsDigest, const byte * rgbToSign, size_t cbToSign, cose_errback * perr);
-bool ECDSA_Verify(COSE * pSigner, int index, const cn_cbor * pKey, int cbitsDigest, const byte * rgbToSign, size_t cbToSign, cose_errback * perr);
+ * Perform a signature operation
+ *
+ * @param[in] COSE_SignerInfo Pointer to COSE SignerInfo context object
+ * @param[in] byte * Pointer to text to be signed
+ * @param[in] size_t size of text to be signed
+ * @param[in] cose_errback * Error return location
+ * @return Did the function succeed?
+ */
+bool ECDSA_Sign(COSE* pSigner,
+ int index,
+ const cn_cbor* pKey,
+ int cbitsDigest,
+ const byte* rgbToSign,
+ size_t cbToSign,
+ cose_errback* perr);
+bool ECDSA_Verify(COSE* pSigner,
+ int index,
+ const cn_cbor* pKey,
+ int cbitsDigest,
+ const byte* rgbToSign,
+ size_t cbToSign,
+ cose_errback* perr);
-bool ECDH_ComputeSecret(COSE * pReciient, cn_cbor ** ppKeyMe, const cn_cbor * pKeyYou, byte ** ppbSecret, size_t * pcbSecret, CBOR_CONTEXT_COMMA cose_errback *perr);
+bool ECDH_ComputeSecret(COSE* pReciient,
+ cn_cbor** ppKeyMe,
+ const cn_cbor* pKeyYou,
+ byte** ppbSecret,
+ size_t* pcbSecret,
+ CBOR_CONTEXT_COMMA cose_errback* perr);
-bool EdDSA_Sign(COSE* pSigner, int index, const cn_cbor* pKey, const byte* rgbToSign, size_t cbToSign, cose_errback* perr);
-bool EdDSA_Verify(COSE* pSigner, int index, const cn_cbor* pKey, const byte* rgbToSign, size_t cbToSign, cose_errback* perr);
+bool EdDSA_Sign(COSE* pSigner,
+ int index,
+ const cn_cbor* pKey,
+ const byte* rgbToSign,
+ size_t cbToSign,
+ cose_errback* perr);
+bool EdDSA_Verify(COSE* pSigner,
+ int index,
+ const cn_cbor* pKey,
+ const byte* rgbToSign,
+ size_t cbToSign,
+ cose_errback* perr);
/**
-* Generate random bytes in a buffer
-*
-* @param[in] byte * Pointer to buffer to be filled
-* @param[in] size_t Size of buffer to be filled
-* @return none
-*/
-void rand_bytes(byte * pb, size_t cb);
+ * Generate random bytes in a buffer
+ *
+ * @param[in] byte * Pointer to buffer to be filled
+ * @param[in] size_t Size of buffer to be filled
+ * @return none
+ */
+void rand_bytes(byte* pb, size_t cb);
diff --git a/src/mbedtls.c b/src/mbedtls.c
index 462120e..a1f2a6f 100644
--- a/src/mbedtls.c
+++ b/src/mbedtls.c
@@ -25,29 +25,39 @@
#define MIN(A, B) ((A) < (B) ? (A) : (B))
-bool AES_CCM_Decrypt(COSE_Enveloped * pcose, int TSize, int LSize, const byte * pbKey, size_t cbKey, const byte * pbCrypto, size_t cbCrypto, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_CCM_Decrypt(COSE_Enveloped *pcose,
+ int TSize,
+ int LSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbCrypto,
+ size_t cbCrypto,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
-
mbedtls_ccm_context ctx;
int cbOut;
- byte * rgbOut = NULL;
- int NSize = 15 - (LSize/8);
- byte rgbIV[15] = { 0 };
- const cn_cbor * pIV = NULL;
+ byte *rgbOut = NULL;
+ int NSize = 15 - (LSize / 8);
+ byte rgbIV[15] = {0};
+ const cn_cbor *pIV = NULL;
mbedtls_cipher_id_t cipher;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
mbedtls_ccm_init(&ctx);
-
- // Setup the IV/Nonce and put it into the message
+
+ // Setup the IV/Nonce and put it into the message
pIV = _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, NULL);
- if ((pIV == NULL) || (pIV->type!= CN_CBOR_BYTES)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if ((pIV == NULL) || (pIV->type != CN_CBOR_BYTES)) {
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
errorReturn:
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
mbedtls_ccm_free(&ctx);
return false;
}
@@ -56,17 +66,20 @@
// Setup and run the mbedTLS code
cipher = MBEDTLS_CIPHER_ID_AES;
-
- CHECK_CONDITION(!mbedtls_ccm_setkey(&ctx, cipher, pbKey, cbKey*8), COSE_ERR_CRYPTO_FAIL);
- TSize /= 8; // Comes in in bits not bytes.
- cbOut = (int) cbCrypto - TSize;
+ CHECK_CONDITION(!mbedtls_ccm_setkey(&ctx, cipher, pbKey, cbKey * 8),
+ COSE_ERR_CRYPTO_FAIL);
+ TSize /= 8; // Comes in in bits not bytes.
+
+ cbOut = (int)cbCrypto - TSize;
rgbOut = (byte *)COSE_CALLOC(cbOut, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
-
-
- CHECK_CONDITION(!mbedtls_ccm_auth_decrypt(&ctx, cbOut, rgbIV, NSize, pbAuthData, cbAuthData, pbCrypto, rgbOut, &pbCrypto[cbOut], TSize), COSE_ERR_CRYPTO_FAIL);
-
+
+ CHECK_CONDITION(
+ !mbedtls_ccm_auth_decrypt(&ctx, cbOut, rgbIV, NSize, pbAuthData,
+ cbAuthData, pbCrypto, rgbOut, &pbCrypto[cbOut], TSize),
+ COSE_ERR_CRYPTO_FAIL);
+
mbedtls_ccm_free(&ctx);
pcose->pbContent = rgbOut;
pcose->cbContent = cbOut;
@@ -74,106 +87,134 @@
return true;
}
-
-bool AES_CCM_Encrypt(COSE_Enveloped * pcose, int TSize, int LSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_CCM_Encrypt(COSE_Enveloped *pcose,
+ int TSize,
+ int LSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
mbedtls_ccm_context ctx;
int cbOut;
- byte * rgbOut = NULL;
- int NSize = 15 - (LSize/8);
- const cn_cbor * cbor_iv = NULL;
- cn_cbor * cbor_iv_t = NULL;
+ byte *rgbOut = NULL;
+ int NSize = 15 - (LSize / 8);
+ const cn_cbor *cbor_iv = NULL;
+ cn_cbor *cbor_iv_t = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
- cn_cbor * cnTmp = NULL;
+ cn_cbor *cnTmp = NULL;
mbedtls_cipher_id_t cipher;
byte rgbIV[16];
- byte * pbIV = NULL;
+ byte *pbIV = NULL;
cn_cbor_errback cbor_error;
- mbedtls_ccm_init(&ctx);
+ mbedtls_ccm_init(&ctx);
- cipher = MBEDTLS_CIPHER_ID_AES;
-
+ cipher = MBEDTLS_CIPHER_ID_AES;
+
// Setup the IV/Nonce and put it into the message
- cbor_iv = _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, perr);
+ cbor_iv =
+ _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, perr);
if (cbor_iv == NULL) {
-
- pbIV = COSE_CALLOC(NSize, 1, context);
+ pbIV = COSE_CALLOC(NSize, 1, context);
CHECK_CONDITION(pbIV != NULL, COSE_ERR_OUT_OF_MEMORY);
rand_bytes(pbIV, NSize);
memcpy(rgbIV, pbIV, NSize);
- cbor_iv_t = cn_cbor_data_create(pbIV, NSize, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cbor_iv_t = cn_cbor_data_create(
+ pbIV, NSize, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor_iv_t != NULL, cbor_error);
pbIV = NULL;
- if (!_COSE_map_put(&pcose->m_message, COSE_Header_IV, cbor_iv_t, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!_COSE_map_put(&pcose->m_message, COSE_Header_IV, cbor_iv_t,
+ COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
cbor_iv_t = NULL;
- }
- else {
- CHECK_CONDITION(cbor_iv->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ } else {
+ CHECK_CONDITION(
+ cbor_iv->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION(cbor_iv->length == NSize, COSE_ERR_INVALID_PARAMETER);
memcpy(rgbIV, cbor_iv->v.str, cbor_iv->length);
}
// Setup and run the mbedTLS code
-
- //cbKey comes in bytes not bits
- CHECK_CONDITION(!mbedtls_ccm_setkey(&ctx, cipher, pbKey, cbKey*8), COSE_ERR_CRYPTO_FAIL);
-
- TSize /= 8; // Comes in in bits not bytes.
- cbOut = pcose->cbContent; // M00BUG - This is a missing call?
- rgbOut = (byte *)COSE_CALLOC(cbOut+TSize, 1, context);
+ // cbKey comes in bytes not bits
+ CHECK_CONDITION(!mbedtls_ccm_setkey(&ctx, cipher, pbKey, cbKey * 8),
+ COSE_ERR_CRYPTO_FAIL);
+
+ TSize /= 8; // Comes in in bits not bytes.
+
+ cbOut = pcose->cbContent; // M00BUG - This is a missing call?
+ rgbOut = (byte *)COSE_CALLOC(cbOut + TSize, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(!mbedtls_ccm_encrypt_and_tag(&ctx, pcose->cbContent, rgbIV, NSize, pbAuthData, cbAuthData, pcose->pbContent, rgbOut, &rgbOut[pcose->cbContent], TSize), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(!mbedtls_ccm_encrypt_and_tag(&ctx, pcose->cbContent, rgbIV,
+ NSize, pbAuthData, cbAuthData, pcose->pbContent, rgbOut,
+ &rgbOut[pcose->cbContent], TSize),
+ COSE_ERR_CRYPTO_FAIL);
- cnTmp = cn_cbor_data_create(rgbOut, (int)pcose->cbContent + TSize, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cnTmp = cn_cbor_data_create(
+ rgbOut, (int)pcose->cbContent + TSize, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
rgbOut = NULL;
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
cnTmp = NULL;
mbedtls_ccm_free(&ctx);
-
+
return true;
errorReturn:
- if (pbIV != NULL) COSE_FREE(pbIV, context);
- if (cbor_iv_t != NULL) COSE_FREE(cbor_iv_t, context);
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
- if (cnTmp != NULL) COSE_FREE(cnTmp, context);
+ if (pbIV != NULL)
+ COSE_FREE(pbIV, context);
+ if (cbor_iv_t != NULL)
+ COSE_FREE(cbor_iv_t, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
+ if (cnTmp != NULL)
+ COSE_FREE(cnTmp, context);
mbedtls_ccm_free(&ctx);
return false;
}
-bool AES_GCM_Decrypt(COSE_Enveloped * pcose, const byte * pbKey, size_t cbKey, const byte * pbCrypto, size_t cbCrypto, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_GCM_Decrypt(COSE_Enveloped *pcose,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbCrypto,
+ size_t cbCrypto,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
mbedtls_gcm_context ctx;
int cbOut;
- byte * rgbOut = NULL;
- byte rgbIV[15] = { 0 };
- const cn_cbor * pIV = NULL;
+ byte *rgbOut = NULL;
+ byte rgbIV[15] = {0};
+ const cn_cbor *pIV = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
int TSize = 128 / 8;
// Make it first so we can clean it up
mbedtls_gcm_init(&ctx);
-
// Setup the IV/Nonce and put it into the message
pIV = _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, NULL);
if ((pIV == NULL) || (pIV->type != CN_CBOR_BYTES)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
errorReturn:
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
mbedtls_gcm_free(&ctx);
return false;
}
@@ -184,21 +225,23 @@
// Setup and run the OpenSSL code
switch (cbKey) {
- case 128 / 8:
- case 192 / 8:
- case 256 / 8:
- break;
+ case 128 / 8:
+ case 192 / 8:
+ case 256 / 8:
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
// Do the setup for OpenSSL
- CHECK_CONDITION0(mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, pbKey, cbKey * 8), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, pbKey, cbKey * 8),
+ COSE_ERR_CRYPTO_FAIL);
- //
+ //
cbOut = (int)cbCrypto - TSize;
rgbOut = (byte *)COSE_CALLOC(cbOut, 1, context);
@@ -207,16 +250,16 @@
// Process content
byte tag[128 / 8];
- CHECK_CONDITION0(mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_DECRYPT, cbOut,
- rgbIV, 96 / 8,
- pbAuthData, cbAuthData,
- pbCrypto, rgbOut,
- TSize, tag), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_gcm_crypt_and_tag(&ctx, MBEDTLS_GCM_DECRYPT, cbOut, rgbIV,
+ 96 / 8, pbAuthData, cbAuthData, pbCrypto, rgbOut, TSize, tag),
+ COSE_ERR_CRYPTO_FAIL);
// CHECK TAG HERE
bool f = false;
- byte * pb = pbCrypto + cbOut;
- for (int i = 0; i < (unsigned int)TSize; i++) f |= (pb[i] != tag[i]);
+ byte *pb = pbCrypto + cbOut;
+ for (int i = 0; i < (unsigned int)TSize; i++)
+ f |= (pb[i] != tag[i]);
CHECK_CONDITION(!f, COSE_ERR_CRYPTO_FAIL);
mbedtls_gcm_free(&ctx);
@@ -227,16 +270,21 @@
return true;
}
-bool AES_GCM_Encrypt(COSE_Enveloped * pcose, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_GCM_Encrypt(COSE_Enveloped *pcose,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
mbedtls_gcm_context ctx;
- byte * rgbOut = NULL;
- byte rgbIV[16] = { 0 };
- byte * pbIV = NULL;
- const cn_cbor * cbor_iv = NULL;
- cn_cbor * cbor_iv_t = NULL;
+ byte *rgbOut = NULL;
+ byte rgbIV[16] = {0};
+ byte *pbIV = NULL;
+ const cn_cbor *cbor_iv = NULL;
+ cn_cbor *cbor_iv_t = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
cn_cbor_errback cbor_error;
@@ -245,68 +293,86 @@
// Setup the IV/Nonce and put it into the message
- cbor_iv = _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, perr);
+ cbor_iv =
+ _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, perr);
if (cbor_iv == NULL) {
pbIV = COSE_CALLOC(96, 1, context);
CHECK_CONDITION(pbIV != NULL, COSE_ERR_OUT_OF_MEMORY);
rand_bytes(pbIV, 96 / 8);
memcpy(rgbIV, pbIV, 96 / 8);
- cbor_iv_t = cn_cbor_data_create(pbIV, 96 / 8, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cbor_iv_t = cn_cbor_data_create(
+ pbIV, 96 / 8, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor_iv_t != NULL, cbor_error);
pbIV = NULL;
- if (!_COSE_map_put(&pcose->m_message, COSE_Header_IV, cbor_iv_t, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!_COSE_map_put(&pcose->m_message, COSE_Header_IV, cbor_iv_t,
+ COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
cbor_iv_t = NULL;
- }
- else {
- CHECK_CONDITION(cbor_iv->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ } else {
+ CHECK_CONDITION(
+ cbor_iv->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION(cbor_iv->length == 96 / 8, COSE_ERR_INVALID_PARAMETER);
memcpy(rgbIV, cbor_iv->v.str, cbor_iv->length);
}
-
switch (cbKey * 8) {
- case 128:
- case 192:
- case 256:
- break;
+ case 128:
+ case 192:
+ case 256:
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
// Setup and run the OpenSSL code
- CHECK_CONDITION0(mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, pbKey, cbKey * 8), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_gcm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, pbKey, cbKey * 8),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION0(mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_ENCRYPT, rgbIV, 96 / 8, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_ENCRYPT, rgbIV,
+ 96 / 8, pbAuthData, cbAuthData),
+ COSE_ERR_CRYPTO_FAIL);
rgbOut = (byte *)COSE_CALLOC(pcose->cbContent + 128 / 8, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION0(mbedtls_gcm_update(&ctx, pcose->cbContent, pcose->pbContent, rgbOut), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_gcm_update(&ctx, pcose->cbContent, pcose->pbContent, rgbOut),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION0(mbedtls_gcm_finish(&ctx, &rgbOut[pcose->cbContent], 128 / 8), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_gcm_finish(&ctx, &rgbOut[pcose->cbContent], 128 / 8),
+ COSE_ERR_CRYPTO_FAIL);
- cn_cbor * cnTmp = cn_cbor_data_create(rgbOut, (int)pcose->cbContent + 128 / 8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cnTmp = cn_cbor_data_create(
+ rgbOut, (int)pcose->cbContent + 128 / 8, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
rgbOut = NULL;
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
mbedtls_gcm_free(&ctx);
return true;
errorReturn:
- if (pbIV != NULL) COSE_FREE(pbIV, context);
- if (cbor_iv_t != NULL) COSE_FREE(cbor_iv_t, context);
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
+ if (pbIV != NULL)
+ COSE_FREE(pbIV, context);
+ if (cbor_iv_t != NULL)
+ COSE_FREE(cbor_iv_t, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
mbedtls_gcm_free(&ctx);
return false;
}
/*
-bool AES_CBC_MAC_Create(COSE_MacMessage * pcose, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_CBC_MAC_Create(COSE_MacMessage * pcose, int TSize, const byte * pbKey,
+size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
{
const EVP_CIPHER * pcipher = NULL;
EVP_CIPHER_CTX ctx;
@@ -340,22 +406,26 @@
// Setup and run the OpenSSL code
- CHECK_CONDITION(EVP_EncryptInit_ex(&ctx, pcipher, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptInit_ex(&ctx, pcipher, NULL, pbKey, rgbIV),
+COSE_ERR_CRYPTO_FAIL);
for (i = 0; i < (unsigned int)cbAuthData / 16; i++) {
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, pbAuthData + (i * 16), 16), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, pbAuthData + (i
+* 16), 16), COSE_ERR_CRYPTO_FAIL);
}
if (cbAuthData % 16 != 0) {
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, pbAuthData + (i * 16), cbAuthData % 16), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, rgbIV, 16 - (cbAuthData % 16)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, pbAuthData + (i
+* 16), cbAuthData % 16), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, rgbIV, 16 -
+(cbAuthData % 16)), COSE_ERR_CRYPTO_FAIL);
}
cn = cn_cbor_data_create(rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cn != NULL, COSE_ERR_OUT_OF_MEMORY);
rgbOut = NULL;
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn, INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
- cn = NULL;
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn, INDEX_MAC_TAG,
+CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR); cn = NULL;
EVP_CIPHER_CTX_cleanup(&ctx);
return !f;
@@ -367,7 +437,9 @@
return false;
}
-bool AES_CBC_MAC_Validate(COSE_MacMessage * pcose, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_CBC_MAC_Validate(COSE_MacMessage * pcose, int TSize, const byte *
+pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback *
+perr)
{
const EVP_CIPHER * pcipher = NULL;
EVP_CIPHER_CTX ctx;
@@ -393,22 +465,27 @@
// Setup and run the OpenSSL code
EVP_CIPHER_CTX_init(&ctx);
- CHECK_CONDITION(EVP_EncryptInit_ex(&ctx, pcipher, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptInit_ex(&ctx, pcipher, NULL, pbKey, rgbIV),
+COSE_ERR_CRYPTO_FAIL);
TSize /= 8;
for (i = 0; i < (unsigned int) cbAuthData / 16; i++) {
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut, pbAuthData+(i*16), 16), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut,
+pbAuthData+(i*16), 16), COSE_ERR_CRYPTO_FAIL);
}
if (cbAuthData % 16 != 0) {
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut, pbAuthData + (i * 16), cbAuthData % 16), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut, rgbIV, 16 - (cbAuthData % 16)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut, pbAuthData + (i
+* 16), cbAuthData % 16), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbTag, &cbOut, rgbIV, 16 -
+(cbAuthData % 16)), COSE_ERR_CRYPTO_FAIL);
}
cn_cbor * cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
CHECK_CONDITION(cn != NULL, COSE_ERR_CBOR);
- for (i = 0; i < (unsigned int)TSize; i++) f |= (cn->v.bytes[i] != rgbTag[i]);
+ for (i = 0; i < (unsigned int)TSize; i++) f |= (cn->v.bytes[i] !=
+rgbTag[i]);
EVP_CIPHER_CTX_cleanup(&ctx);
return !f;
@@ -420,7 +497,8 @@
#if 0
// We are doing CBC-MAC not CMAC at this time
-bool AES_CMAC_Validate(COSE_MacMessage * pcose, int KeySize, int TagSize, const byte * pbAuthData, int cbAuthData, cose_errback * perr)
+bool AES_CMAC_Validate(COSE_MacMessage * pcose, int KeySize, int TagSize, const
+byte * pbAuthData, int cbAuthData, cose_errback * perr)
{
CMAC_CTX * pctx = NULL;
const EVP_CIPHER * pcipher = NULL;
@@ -444,14 +522,16 @@
rgbOut = COSE_CALLOC(128/8, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(CMAC_Init(pctx, pcose->pbKey, pcose->cbKey, pcipher, NULL ) == 1, COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(CMAC_Update(pctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(CMAC_Final(pctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(CMAC_Init(pctx, pcose->pbKey, pcose->cbKey, pcipher, NULL )
+== 1, COSE_ERR_CRYPTO_FAIL); CHECK_CONDITION(CMAC_Update(pctx, pbAuthData,
+cbAuthData), COSE_ERR_CRYPTO_FAIL); CHECK_CONDITION(CMAC_Final(pctx, rgbOut,
+&cbOut), COSE_ERR_CRYPTO_FAIL);
cn_cbor * cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
CHECK_CONDITION(cn != NULL, COSE_ERR_CBOR);
- for (i = 0; i < (unsigned int)TagSize / 8; i++) f |= (cn->v.bytes[i] != rgbOut[i]);
+ for (i = 0; i < (unsigned int)TagSize / 8; i++) f |= (cn->v.bytes[i] !=
+rgbOut[i]);
COSE_FREE(rgbOut, context);
CMAC_CTX_cleanup(pctx);
@@ -467,7 +547,9 @@
}
#endif
-bool HKDF_AES_Expand(COSE * pcose, size_t cbitKey, const byte * pbPRK, size_t cbPRK, const byte * pbInfo, size_t cbInfo, byte * pbOutput, size_t cbOutput, cose_errback * perr)
+bool HKDF_AES_Expand(COSE * pcose, size_t cbitKey, const byte * pbPRK, size_t
+cbPRK, const byte * pbInfo, size_t cbInfo, byte * pbOutput, size_t cbOutput,
+cose_errback * perr)
{
const EVP_CIPHER * pcipher = NULL;
EVP_CIPHER_CTX ctx;
@@ -501,15 +583,18 @@
for (ib = 0; ib < cbOutput; ib += 16, bCount += 1) {
size_t ib2;
- CHECK_CONDITION(EVP_EncryptInit_ex(&ctx, pcipher, NULL, pbPRK, rgbIV), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptInit_ex(&ctx, pcipher, NULL, pbPRK, rgbIV),
+COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, rgbDigest, cbDigest), COSE_ERR_CRYPTO_FAIL);
- for (ib2 = 0; ib2 < cbInfo; ib2+=16) {
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, pbInfo+ib2, (int) MIN(16, cbInfo-ib2)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, rgbDigest,
+cbDigest), COSE_ERR_CRYPTO_FAIL); for (ib2 = 0; ib2 < cbInfo; ib2+=16) {
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, pbInfo+ib2,
+(int) MIN(16, cbInfo-ib2)), COSE_ERR_CRYPTO_FAIL);
}
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, &bCount, 1), COSE_ERR_CRYPTO_FAIL);
- if ((cbInfo + 1) % 16 != 0) {
- CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, rgbIV, (int) 16-(cbInfo+1)%16), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, &bCount, 1),
+COSE_ERR_CRYPTO_FAIL); if ((cbInfo + 1) % 16 != 0) {
+ CHECK_CONDITION(EVP_EncryptUpdate(&ctx, rgbOut, &cbOut, rgbIV, (int)
+16-(cbInfo+1)%16), COSE_ERR_CRYPTO_FAIL);
}
memcpy(rgbDigest, rgbOut, cbOut);
cbDigest = cbOut;
@@ -525,53 +610,79 @@
}
*/
-bool HKDF_Extract(COSE * pcose, const byte * pbKey, size_t cbKey, size_t cbitDigest, byte * rgbDigest, size_t * pcbDigest, CBOR_CONTEXT_COMMA cose_errback * perr)
+bool HKDF_Extract(COSE *pcose,
+ const byte *pbKey,
+ size_t cbKey,
+ size_t cbitDigest,
+ byte *rgbDigest,
+ size_t *pcbDigest,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- mbedtls_md_info_t * pmd;
- mbedtls_md_type_t mdType;
+ mbedtls_md_info_t *pmd;
+ mbedtls_md_type_t mdType;
- int cbSalt;
- cn_cbor * cnSalt;
- unsigned int cbDigest;
+ int cbSalt;
+ cn_cbor *cnSalt;
+ unsigned int cbDigest;
- if (0) {
- errorReturn:
- return false;
- }
+ if (0) {
+ errorReturn:
+ return false;
+ }
- switch (cbitDigest) {
- case 256: mdType = MBEDTLS_MD_SHA256; cbDigest = 256 / 8; break;
- case 384: mdType = MBEDTLS_MD_SHA384; cbDigest = 384 / 8; break;
- case 512: mdType = MBEDTLS_MD_SHA512; cbDigest = 512 / 8; break;
- default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
- }
+ switch (cbitDigest) {
+ case 256:
+ mdType = MBEDTLS_MD_SHA256;
+ cbDigest = 256 / 8;
+ break;
+ case 384:
+ mdType = MBEDTLS_MD_SHA384;
+ cbDigest = 384 / 8;
+ break;
+ case 512:
+ mdType = MBEDTLS_MD_SHA512;
+ cbDigest = 512 / 8;
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
+ }
- pmd = mbedtls_md_info_from_type(mdType);
- if (pmd == NULL) goto errorReturn;
+ pmd = mbedtls_md_info_from_type(mdType);
+ if (pmd == NULL)
+ goto errorReturn;
- cbSalt = 0;
- byte * pbSalt = NULL;
+ cbSalt = 0;
+ byte *pbSalt = NULL;
- cnSalt = _COSE_map_get_int(pcose, COSE_Header_HKDF_salt, COSE_BOTH, perr);
+ cnSalt = _COSE_map_get_int(pcose, COSE_Header_HKDF_salt, COSE_BOTH, perr);
- if (cnSalt != NULL) {
- pbSalt = cnSalt->v.bytes;
+ if (cnSalt != NULL) {
+ pbSalt = cnSalt->v.bytes;
cbSalt = (int)cnSalt->length;
- }
+ }
- CHECK_CONDITION0(mbedtls_hkdf_extract(pmd, pbSalt, cbSalt, pbKey, cbKey, rgbDigest), 0);
+ CHECK_CONDITION0(
+ mbedtls_hkdf_extract(pmd, pbSalt, cbSalt, pbKey, cbKey, rgbDigest), 0);
- *pcbDigest = cbDigest;
+ *pcbDigest = cbDigest;
- return true;
+ return true;
}
-bool HKDF_Expand(COSE * pcose, size_t cbitDigest, const byte * pbPRK, size_t cbPRK, const byte * pbInfo, size_t cbInfo, byte * pbOutput, size_t cbOutput, cose_errback * perr)
+bool HKDF_Expand(COSE *pcose,
+ size_t cbitDigest,
+ const byte *pbPRK,
+ size_t cbPRK,
+ const byte *pbInfo,
+ size_t cbInfo,
+ byte *pbOutput,
+ size_t cbOutput,
+ cose_errback *perr)
{
UNUSED(pcose);
mbedtls_md_type_t mdType;
- mbedtls_md_info_t * pmd;
-
+ mbedtls_md_info_t *pmd;
unsigned int cbDigest = 0;
@@ -581,21 +692,33 @@
}
switch (cbitDigest) {
- case 256: mdType = MBEDTLS_MD_SHA256; cbDigest = 256 / 8; break;
- case 384: mdType = MBEDTLS_MD_SHA384; cbDigest = 384 / 8; break;
- case 512: mdType = MBEDTLS_MD_SHA512; cbDigest = 512 / 8; break;
- default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
- }
+ case 256:
+ mdType = MBEDTLS_MD_SHA256;
+ cbDigest = 256 / 8;
+ break;
+ case 384:
+ mdType = MBEDTLS_MD_SHA384;
+ cbDigest = 384 / 8;
+ break;
+ case 512:
+ mdType = MBEDTLS_MD_SHA512;
+ cbDigest = 512 / 8;
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
+ }
- pmd = mbedtls_md_info_from_type(mdType);
- if (pmd == NULL) goto errorReturn;
+ pmd = mbedtls_md_info_from_type(mdType);
+ if (pmd == NULL)
+ goto errorReturn;
+ if (mbedtls_hkdf_expand(
+ pmd, pbPRK, cbPRK, pbInfo, cbInfo, pbOutput, cbOutput) != 0) {
+ goto errorReturn;
+ }
- if (mbedtls_hkdf_expand(pmd, pbPRK, cbPRK, pbInfo, cbInfo, pbOutput, cbOutput) != 0) {
- goto errorReturn;
- }
-
- return true;
+ return true;
}
/*
void dump_output(byte* b, size_t s){
@@ -643,94 +766,136 @@
}
*/
-bool HMAC_Create(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool HMAC_Create(COSE_MacMessage *pcose,
+ int HSize,
+ int TSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
- byte * rgbOut = NULL;
-// unsigned int cbOut;
+ byte *rgbOut = NULL;
+ // unsigned int cbOut;
mbedtls_md_context_t contx;
- const char* md_name;
- const struct mbedtls_md_info_t * info;
+ const char *md_name;
+ const struct mbedtls_md_info_t *info;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
switch (HSize) {
- case 256: md_name = "SHA256"; break;
- case 384: md_name = "SHA384"; break;
- case 512: md_name = "SHA512"; break;
- default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
+ case 256:
+ md_name = "SHA256";
+ break;
+ case 384:
+ md_name = "SHA384";
+ break;
+ case 512:
+ md_name = "SHA512";
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
if (0) {
errorReturn:
COSE_FREE(rgbOut, context);
- mbedtls_md_free(&contx);
+ mbedtls_md_free(&contx);
return false;
}
mbedtls_md_init(&contx);
- info = mbedtls_md_info_from_string (md_name);
- mbedtls_md_setup( &contx, info, 1 );
+ info = mbedtls_md_info_from_string(md_name);
+ mbedtls_md_setup(&contx, info, 1);
rgbOut = COSE_CALLOC(mbedtls_md_get_size(info), 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(!(mbedtls_md_hmac_update (&contx, pbAuthData, cbAuthData)), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(!(mbedtls_md_hmac_finish (&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ !(mbedtls_md_hmac_starts(&contx, pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(!(mbedtls_md_hmac_update(&contx, pbAuthData, cbAuthData)),
+ COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ !(mbedtls_md_hmac_finish(&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn_cbor_data_create(rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL), INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message,
+ cn_cbor_data_create(
+ rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL),
+ INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
- mbedtls_md_free(&contx);
+ mbedtls_md_free(&contx);
return true;
}
-bool HMAC_Validate(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool HMAC_Validate(COSE_MacMessage *pcose,
+ int HSize,
+ int TSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
mbedtls_md_context_t contx;
- const char* md_name;
- const struct mbedtls_md_info_t * info;
- byte * rgbOut = NULL;
+ const char *md_name;
+ const struct mbedtls_md_info_t *info;
+ byte *rgbOut = NULL;
unsigned int cbOut;
bool f = false;
unsigned int i;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
switch (HSize) {
- case 256: md_name = "SHA256"; break;
- case 384: md_name = "SHA384"; break;
- case 512: md_name = "SHA512"; break;
- default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
+ case 256:
+ md_name = "SHA256";
+ break;
+ case 384:
+ md_name = "SHA384";
+ break;
+ case 512:
+ md_name = "SHA512";
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
mbedtls_md_init(&contx);
- info = mbedtls_md_info_from_string (md_name);
- mbedtls_md_setup( &contx, info, 1 );
-
+ info = mbedtls_md_info_from_string(md_name);
+ mbedtls_md_setup(&contx, info, 1);
+
cbOut = mbedtls_md_get_size(info);
rgbOut = COSE_CALLOC(cbOut, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(!(mbedtls_md_hmac_starts (&contx, pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(!(mbedtls_md_hmac_update (&contx, pbAuthData, cbAuthData)), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(!(mbedtls_md_hmac_finish (&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ !(mbedtls_md_hmac_starts(&contx, pbKey, cbKey)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(!(mbedtls_md_hmac_update(&contx, pbAuthData, cbAuthData)),
+ COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ !(mbedtls_md_hmac_finish(&contx, rgbOut)), COSE_ERR_CRYPTO_FAIL);
- cn_cbor * cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
+ cn_cbor *cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
CHECK_CONDITION(cn != NULL, COSE_ERR_CBOR);
- if (cn->length > (int) cbOut) return false;
- for (i = 0; i < (unsigned int) TSize/8; i++) f |= (cn->v.bytes[i] != rgbOut[i]);
+ if (cn->length > (int)cbOut)
+ return false;
+ for (i = 0; i < (unsigned int)TSize / 8; i++)
+ f |= (cn->v.bytes[i] != rgbOut[i]);
- mbedtls_md_free(&contx);
+ mbedtls_md_free(&contx);
return !f;
errorReturn:
COSE_FREE(rgbOut, context);
- mbedtls_md_free(&contx);
+ mbedtls_md_free(&contx);
return false;
}
@@ -739,50 +904,54 @@
#define COSE_Key_EC_Y -3
#define COSE_Key_EC_d -4
-bool ECKey_From(const cn_cbor * pKey, mbedtls_ecp_keypair *keypair, cose_errback * perr)
+bool ECKey_From(const cn_cbor *pKey,
+ mbedtls_ecp_keypair *keypair,
+ cose_errback *perr)
{
- byte rgbKey[MBEDTLS_ECP_MAX_PT_LEN];
+ byte rgbKey[MBEDTLS_ECP_MAX_PT_LEN];
int cbKey;
int cbGroup;
- const cn_cbor * p;
+ const cn_cbor *p;
mbedtls_ecp_group_id groupId;
p = cn_cbor_mapget_int(pKey, COSE_Key_Type);
CHECK_CONDITION(p != NULL, COSE_ERR_INVALID_PARAMETER);
- if(p->type == CN_CBOR_UINT) {
- CHECK_CONDITION(p->v.uint == COSE_Key_Type_EC2, COSE_ERR_INVALID_PARAMETER);
- }
- else {
+ if (p->type == CN_CBOR_UINT) {
+ CHECK_CONDITION(
+ p->v.uint == COSE_Key_Type_EC2, COSE_ERR_INVALID_PARAMETER);
+ } else {
FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_Curve);
- CHECK_CONDITION((p != NULL) && (p->type == CN_CBOR_UINT), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ (p != NULL) && (p->type == CN_CBOR_UINT), COSE_ERR_INVALID_PARAMETER);
switch (p->v.uint) {
- case 1: // P-256
- groupId = MBEDTLS_ECP_DP_SECP256R1;
- break;
+ case 1: // P-256
+ groupId = MBEDTLS_ECP_DP_SECP256R1;
+ break;
- case 2: // P-384
- groupId = MBEDTLS_ECP_DP_SECP384R1;
- break;
+ case 2: // P-384
+ groupId = MBEDTLS_ECP_DP_SECP384R1;
+ break;
- case 3: // P-521
- groupId = MBEDTLS_ECP_DP_SECP521R1;
- break;
+ case 3: // P-521
+ groupId = MBEDTLS_ECP_DP_SECP521R1;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
- CHECK_CONDITION(mbedtls_ecp_group_load(&keypair->grp, groupId) == 0, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(mbedtls_ecp_group_load(&keypair->grp, groupId) == 0,
+ COSE_ERR_INVALID_PARAMETER);
cbGroup = (keypair->grp.nbits + 7) / 8;
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_X);
- CHECK_CONDITION((p != NULL) && (p->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ (p != NULL) && (p->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION(p->length == cbGroup, COSE_ERR_INVALID_PARAMETER);
- memcpy(rgbKey+1, p->v.str, p->length);
-
+ memcpy(rgbKey + 1, p->v.str, p->length);
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_Y);
CHECK_CONDITION((p != NULL), COSE_ERR_INVALID_PARAMETER);
@@ -791,23 +960,25 @@
cbKey = cbGroup * 2 + 1;
CHECK_CONDITION(p->length == cbGroup, COSE_ERR_INVALID_PARAMETER);
memcpy(rgbKey + p->length + 1, p->v.str, p->length);
- }
- else if (p->type == CN_CBOR_TRUE) {
+ } else if (p->type == CN_CBOR_TRUE) {
cbKey = cbGroup + 1;
rgbKey[0] = 0x03;
- }
- else if (p->type == CN_CBOR_FALSE) {
+ } else if (p->type == CN_CBOR_FALSE) {
cbKey = cbGroup + 1;
rgbKey[0] = 0x02;
- }
- else FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ } else
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(mbedtls_ecp_point_read_binary(&keypair->grp, &keypair->Q, rgbKey, cbKey) == 0, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(mbedtls_ecp_point_read_binary(
+ &keypair->grp, &keypair->Q, rgbKey, cbKey) == 0,
+ COSE_ERR_INVALID_PARAMETER);
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_d);
if (p != NULL) {
CHECK_CONDITION(p->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(mbedtls_mpi_read_binary( &keypair->d, p->v.bytes, p->length) == 0, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ mbedtls_mpi_read_binary(&keypair->d, p->v.bytes, p->length) == 0,
+ COSE_ERR_CRYPTO_FAIL);
}
return true;
@@ -816,7 +987,8 @@
}
/*
-cn_cbor * EC_FromKey(const EC_KEY * pKey, CBOR_CONTEXT_COMMA cose_errback * perr)
+cn_cbor * EC_FromKey(const EC_KEY * pKey, CBOR_CONTEXT_COMMA cose_errback *
+perr)
{
cn_cbor * pkey = NULL;
const EC_GROUP * pgroup;
@@ -844,49 +1016,52 @@
p = cn_cbor_int_create(cose_group, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Curve, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- p = NULL;
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Curve, p,
+CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error); p = NULL;
pPoint = EC_KEY_get0_public_key(pKey);
CHECK_CONDITION(pPoint != NULL, COSE_ERR_INVALID_PARAMETER);
if (FUseCompressed) {
- cbSize = EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL);
- CHECK_CONDITION(cbSize > 0, COSE_ERR_CRYPTO_FAIL);
- pbOut = COSE_CALLOC(cbSize, 1, context);
- CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_COMPRESSED, pbOut, cbSize, NULL) == cbSize, COSE_ERR_CRYPTO_FAIL);
+ cbSize = EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_COMPRESSED,
+NULL, 0, NULL); CHECK_CONDITION(cbSize > 0, COSE_ERR_CRYPTO_FAIL); pbOut =
+COSE_CALLOC(cbSize, 1, context); CHECK_CONDITION(pbOut != NULL,
+COSE_ERR_OUT_OF_MEMORY); CHECK_CONDITION(EC_POINT_point2oct(pgroup, pPoint,
+POINT_CONVERSION_COMPRESSED, pbOut, cbSize, NULL) == cbSize,
+COSE_ERR_CRYPTO_FAIL);
}
else {
- cbSize = EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
- CHECK_CONDITION(cbSize > 0, COSE_ERR_CRYPTO_FAIL);
- pbOut = COSE_CALLOC(cbSize, 1, context);
+ cbSize = EC_POINT_point2oct(pgroup, pPoint,
+POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL); CHECK_CONDITION(cbSize > 0,
+COSE_ERR_CRYPTO_FAIL); pbOut = COSE_CALLOC(cbSize, 1, context);
CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_UNCOMPRESSED, pbOut, cbSize, NULL) == cbSize, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EC_POINT_point2oct(pgroup, pPoint,
+POINT_CONVERSION_UNCOMPRESSED, pbOut, cbSize, NULL) == cbSize,
+COSE_ERR_CRYPTO_FAIL);
}
- p = cn_cbor_data_create(pbOut+1, (int) (cbSize / 2), CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_X, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- p = NULL;
+ p = cn_cbor_data_create(pbOut+1, (int) (cbSize / 2),
+CBOR_CONTEXT_PARAM_COMMA &cbor_error); CHECK_CONDITION_CBOR(p != NULL,
+cbor_error); CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_X, p,
+CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error); p = NULL;
if (FUseCompressed) {
- p = cn_cbor_bool_create(pbOut[0] & 1, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- p = NULL;
+ p = cn_cbor_bool_create(pbOut[0] & 1, CBOR_CONTEXT_PARAM_COMMA
+&cbor_error); CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p,
+CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error); p = NULL;
}
else {
- p = cn_cbor_data_create(pbOut + cbSize / 2 + 1, (int)(cbSize / 2), CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- pbOut = NULL; // It is already part of the other one.
- CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- p = NULL;
+ p = cn_cbor_data_create(pbOut + cbSize / 2 + 1, (int)(cbSize / 2),
+CBOR_CONTEXT_PARAM_COMMA &cbor_error); pbOut = NULL; // It is already part of
+the other one. CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p,
+CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error); p = NULL;
}
- p = cn_cbor_int_create(COSE_Key_Type_EC2, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_Type, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- p = NULL;
+ p = cn_cbor_int_create(COSE_Key_Type_EC2, CBOR_CONTEXT_PARAM_COMMA
+&cbor_error); CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_Type, p,
+CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error); p = NULL;
returnHere:
if (pbOut != NULL) COSE_FREE(pbOut, context);
@@ -900,11 +1075,17 @@
}
*/
-bool ECDSA_Sign(COSE * pSigner, int index, const cn_cbor * pKey, int cbitDigest, const byte * rgbToSign, size_t cbToSign, cose_errback * perr)
+bool ECDSA_Sign(COSE *pSigner,
+ int index,
+ const cn_cbor *pKey,
+ int cbitDigest,
+ const byte *rgbToSign,
+ size_t cbToSign,
+ cose_errback *perr)
{
#if defined(MBEDTLS_ECDSA_DETERMINISTIC)
byte rgbDigest[MBEDTLS_MD_MAX_SIZE];
- uint8_t * pbSig = NULL;
+ uint8_t *pbSig = NULL;
cn_cbor_errback cbor_error;
int cbR;
mbedtls_md_type_t mdType;
@@ -913,54 +1094,62 @@
mbedtls_mpi r;
mbedtls_mpi s;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pSigner->m_allocContext;
+ cn_cbor_context *context = &pSigner->m_allocContext;
#endif
- cn_cbor * p = NULL;
+ cn_cbor *p = NULL;
bool result = false;
mbedtls_ecp_keypair_init(&keypair);
mbedtls_mpi_init(&r);
mbedtls_mpi_init(&s);
- if(!ECKey_From(pKey, &keypair, perr)) goto errorReturn;
+ if (!ECKey_From(pKey, &keypair, perr))
+ goto errorReturn;
CHECK_CONDITION(keypair.d.n != 0, COSE_ERR_INVALID_PARAMETER);
- switch(cbitDigest)
- {
- case 256:
- mdType = MBEDTLS_MD_SHA256;
- break;
+ switch (cbitDigest) {
+ case 256:
+ mdType = MBEDTLS_MD_SHA256;
+ break;
- case 384:
- mdType = MBEDTLS_MD_SHA384;
- break;
+ case 384:
+ mdType = MBEDTLS_MD_SHA384;
+ break;
- case 512:
- mdType = MBEDTLS_MD_SHA512;
- break;
+ case 512:
+ mdType = MBEDTLS_MD_SHA512;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
pmdInfo = mbedtls_md_info_from_type(mdType);
CHECK_CONDITION(pmdInfo != NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(mbedtls_md(pmdInfo, rgbToSign, cbToSign, rgbDigest) == 0, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(mbedtls_md(pmdInfo, rgbToSign, cbToSign, rgbDigest) == 0,
+ COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(mbedtls_ecdsa_sign_det(&keypair.grp, &r, &s, &keypair.d, rgbDigest, mbedtls_md_get_size(pmdInfo), mdType) == 0, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(mbedtls_ecdsa_sign_det(&keypair.grp, &r, &s, &keypair.d,
+ rgbDigest, mbedtls_md_get_size(pmdInfo), mdType) == 0,
+ COSE_ERR_CRYPTO_FAIL);
cbR = (keypair.grp.nbits + 7) / 8;
pbSig = COSE_CALLOC(cbR, 2, context);
CHECK_CONDITION(pbSig != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(mbedtls_mpi_write_binary(&r, pbSig, cbR) == 0, COSE_ERR_INTERNAL);
- CHECK_CONDITION(mbedtls_mpi_write_binary(&s, pbSig + cbR, cbR) == 0, COSE_ERR_INTERNAL);
+ CHECK_CONDITION(
+ mbedtls_mpi_write_binary(&r, pbSig, cbR) == 0, COSE_ERR_INTERNAL);
+ CHECK_CONDITION(
+ mbedtls_mpi_write_binary(&s, pbSig + cbR, cbR) == 0, COSE_ERR_INTERNAL);
- p = cn_cbor_data_create(pbSig, cbR*2, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ p = cn_cbor_data_create(
+ pbSig, cbR * 2, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION(_COSE_array_replace(pSigner, p, index, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(
+ _COSE_array_replace(pSigner, p, index, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
p = NULL;
pbSig = NULL;
@@ -978,7 +1167,13 @@
#endif
}
-bool ECDSA_Verify(COSE * pSigner, int index, const cn_cbor * pKey, int cbitDigest, const byte * rgbToSign, size_t cbToSign, cose_errback * perr)
+bool ECDSA_Verify(COSE *pSigner,
+ int index,
+ const cn_cbor *pKey,
+ int cbitDigest,
+ const byte *rgbToSign,
+ size_t cbToSign,
+ cose_errback *perr)
{
mbedtls_ecp_keypair keypair;
mbedtls_mpi r;
@@ -986,42 +1181,51 @@
mbedtls_md_type_t mdType;
const mbedtls_md_info_t *pmdInfo;
byte rgbDigest[MBEDTLS_MD_MAX_SIZE];
- cn_cbor * pSig;
+ cn_cbor *pSig;
bool result = false;
mbedtls_ecp_keypair_init(&keypair);
mbedtls_mpi_init(&r);
mbedtls_mpi_init(&s);
- if(!ECKey_From(pKey, &keypair, perr)) goto errorReturn;
+ if (!ECKey_From(pKey, &keypair, perr))
+ goto errorReturn;
- switch(cbitDigest)
- {
- case 256:
- mdType = MBEDTLS_MD_SHA256;
- break;
+ switch (cbitDigest) {
+ case 256:
+ mdType = MBEDTLS_MD_SHA256;
+ break;
- case 384:
- mdType = MBEDTLS_MD_SHA384;
- break;
+ case 384:
+ mdType = MBEDTLS_MD_SHA384;
+ break;
- case 512:
- mdType = MBEDTLS_MD_SHA512;
- break;
+ case 512:
+ mdType = MBEDTLS_MD_SHA512;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
pmdInfo = mbedtls_md_info_from_type(mdType);
CHECK_CONDITION(pmdInfo != NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(mbedtls_md(pmdInfo, rgbToSign, cbToSign, rgbDigest) == 0, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(mbedtls_md(pmdInfo, rgbToSign, cbToSign, rgbDigest) == 0,
+ COSE_ERR_INVALID_PARAMETER);
pSig = _COSE_arrayget_int(pSigner, index);
- CHECK_CONDITION((pSig != NULL) && (pSig->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION((pSig != NULL) && (pSig->type == CN_CBOR_BYTES),
+ COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(mbedtls_mpi_read_binary( &r, pSig->v.bytes, pSig->length / 2 ) == 0, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(mbedtls_mpi_read_binary( &s, pSig->v.bytes + pSig->length / 2, pSig->length / 2 ) == 0, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(mbedtls_ecdsa_verify(&keypair.grp, rgbDigest, mbedtls_md_get_size(pmdInfo), &keypair.Q, &r, &s) == 0, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ mbedtls_mpi_read_binary(&r, pSig->v.bytes, pSig->length / 2) == 0,
+ COSE_ERR_OUT_OF_MEMORY);
+ CHECK_CONDITION(
+ mbedtls_mpi_read_binary(
+ &s, pSig->v.bytes + pSig->length / 2, pSig->length / 2) == 0,
+ COSE_ERR_OUT_OF_MEMORY);
+ CHECK_CONDITION(mbedtls_ecdsa_verify(&keypair.grp, rgbDigest,
+ mbedtls_md_get_size(pmdInfo), &keypair.Q, &r, &s) == 0,
+ COSE_ERR_CRYPTO_FAIL);
result = true;
@@ -1033,84 +1237,107 @@
}
#ifdef MBEDTLS_NIST_KW_C
-bool AES_KW_Decrypt(COSE_Enveloped * pcose, const byte * pbKeyIn, size_t cbitKey, const byte * pbCipherText, size_t cbCipherText, byte * pbKeyOut, int * pcbKeyOut, cose_errback * perr)
+bool AES_KW_Decrypt(COSE_Enveloped *pcose,
+ const byte *pbKeyIn,
+ size_t cbitKey,
+ const byte *pbCipherText,
+ size_t cbCipherText,
+ byte *pbKeyOut,
+ int *pcbKeyOut,
+ cose_errback *perr)
{
- mbedtls_nist_kw_context ctx;
+ mbedtls_nist_kw_context ctx;
- mbedtls_nist_kw_init(&ctx);
+ mbedtls_nist_kw_init(&ctx);
- CHECK_CONDITION0(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, pbKeyIn, cbitKey, FALSE), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(mbedtls_nist_kw_setkey(
+ &ctx, MBEDTLS_CIPHER_ID_AES, pbKeyIn, cbitKey, FALSE),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION0(mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KW, pbCipherText, cbCipherText,
- pbKeyOut, pcbKeyOut, cbCipherText-8), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_nist_kw_unwrap(&ctx, MBEDTLS_KW_MODE_KW, pbCipherText,
+ cbCipherText, pbKeyOut, pcbKeyOut, cbCipherText - 8),
+ COSE_ERR_CRYPTO_FAIL);
- mbedtls_nist_kw_free(&ctx);
- return true;
+ mbedtls_nist_kw_free(&ctx);
+ return true;
errorReturn:
- mbedtls_nist_kw_free(&ctx);
- return false;
+ mbedtls_nist_kw_free(&ctx);
+ return false;
}
-bool AES_KW_Encrypt(COSE_RecipientInfo * pcose, const byte * pbKeyIn, int cbitKey, const byte * pbContent, int cbContent, cose_errback * perr)
+bool AES_KW_Encrypt(COSE_RecipientInfo *pcose,
+ const byte *pbKeyIn,
+ int cbitKey,
+ const byte *pbContent,
+ int cbContent,
+ cose_errback *perr)
{
- byte *pbOut = NULL;
+ byte *pbOut = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_encrypt.m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_encrypt.m_message.m_allocContext;
#endif
- cn_cbor * cnTmp = NULL;
- mbedtls_nist_kw_context ctx;
- size_t cbOut;
+ cn_cbor *cnTmp = NULL;
+ mbedtls_nist_kw_context ctx;
+ size_t cbOut;
- mbedtls_nist_kw_init(&ctx);
+ mbedtls_nist_kw_init(&ctx);
- pbOut = COSE_CALLOC(cbContent + 8, 1, context);
- CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
+ pbOut = COSE_CALLOC(cbContent + 8, 1, context);
+ CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION0(mbedtls_nist_kw_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, pbKeyIn, cbitKey, FALSE), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(mbedtls_nist_kw_setkey(
+ &ctx, MBEDTLS_CIPHER_ID_AES, pbKeyIn, cbitKey, FALSE),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION0(mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KW, pbContent, cbContent,
- pbOut, &cbOut, cbContent+8), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(mbedtls_nist_kw_wrap(&ctx, MBEDTLS_KW_MODE_KW, pbContent,
+ cbContent, pbOut, &cbOut, cbContent + 8),
+ COSE_ERR_CRYPTO_FAIL);
- cnTmp = cn_cbor_data_create(pbOut, (int)cbContent + 8, CBOR_CONTEXT_PARAM_COMMA NULL);
- CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
- pbOut = NULL;
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_encrypt.m_message, cnTmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
- cnTmp = NULL;
+ cnTmp = cn_cbor_data_create(
+ pbOut, (int)cbContent + 8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
+ pbOut = NULL;
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_encrypt.m_message, cnTmp,
+ INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
+ cnTmp = NULL;
- mbedtls_nist_kw_free(&ctx);
- return true;
+ mbedtls_nist_kw_free(&ctx);
+ return true;
errorReturn:
- COSE_FREE(cnTmp, context);
- if (pbOut != NULL) COSE_FREE(pbOut, context);
- mbedtls_nist_kw_free(&ctx);
- return false;
+ COSE_FREE(cnTmp, context);
+ if (pbOut != NULL)
+ COSE_FREE(pbOut, context);
+ mbedtls_nist_kw_free(&ctx);
+ return false;
}
-#endif // MBEDTLS_NIST_KW_C
+#endif // MBEDTLS_NIST_KW_C
/*
//#include <stdio.h> //TODO
void rand_bytes(byte * pb, size_t cb){
// https://tls.mbed.org/kb/how-to/add-a-random-generator
- //init random
- mbedtls_ctr_drbg_context ctr_drbg;
- char *personalization = "my_app_specific_string";
+ //init random
+ mbedtls_ctr_drbg_context ctr_drbg;
+ char *personalization = "my_app_specific_string";
- ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
- (const unsigned char *) personalization,
- strlen( personalization ) );
-
- if(ret != 0) {
- //printf TODO
- }
-
- mbedtls_ctr_drbg_random(&ctx,pb, cb);
+ ret = mbedtls_ctr_drbg_init( &ctr_drbg, mbedtls_entropy_func, &entropy,
+ (const unsigned char *)
+personalization, strlen( personalization ) );
- mbedtls_ctr_drbg_free(&ctx);
- printf("rand byute done\n");
+ if(ret != 0) {
+ //printf TODO
+ }
+
+ mbedtls_ctr_drbg_random(&ctx,pb, cb);
+
+ mbedtls_ctr_drbg_free(&ctx);
+ printf("rand byute done\n");
}*/
-//TODO HOW TO GENERATE GOOD RANDOM BYTES
+// TODO HOW TO GENERATE GOOD RANDOM BYTES
#if 0
static const unsigned char entropy_source_pr[96] =
{ 0xc1, 0x80, 0x81, 0xa6, 0x5d, 0x44, 0x02, 0x16,
@@ -1127,17 +1354,15 @@
0x2c, 0x4a, 0x6e, 0xff, 0xdc, 0x10, 0xd0, 0x68 };
#endif
-static const unsigned char nonce_pers_pr[16] =
- { 0xd2, 0x54, 0xfc, 0xff, 0x02, 0x1e, 0x69, 0xd2,
- 0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c };
+static const unsigned char nonce_pers_pr[16] = {0xd2, 0x54, 0xfc, 0xff, 0x02,
+ 0x1e, 0x69, 0xd2, 0x29, 0xc9, 0xcf, 0xad, 0x85, 0xfa, 0x48, 0x6c};
/*
static size_t test_offset;
-static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf, size_t len ) {
- const unsigned char *p = data;
- memcpy( buf, p + test_offset, len );
- test_offset += len;
- return( 0 );
+static int ctr_drbg_self_test_entropy( void *data, unsigned char *buf, size_t
+len ) { const unsigned char *p = data; memcpy( buf, p + test_offset, len );
+ test_offset += len;
+ return( 0 );
}
*/
@@ -1145,194 +1370,227 @@
int ctx_setup = 0;
mbedtls_entropy_context entropy;
-void rand_bytes(byte* pb, size_t cb){
-
- // unsigned char buf[16];
+void rand_bytes(byte *pb, size_t cb)
+{
+ // unsigned char buf[16];
- if (!ctx_setup) {
- mbedtls_entropy_init(&entropy);
-
- mbedtls_ctr_drbg_init( &ctx );
-
- mbedtls_ctr_drbg_seed_entropy_len( &ctx, mbedtls_entropy_func, (void *) &entropy, nonce_pers_pr, 16, 32 );
+ if (!ctx_setup) {
+ mbedtls_entropy_init(&entropy);
- ctx_setup = 1;
- }
-
- //mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON );
-
- mbedtls_ctr_drbg_random( &ctx, pb, cb );
- //mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE );
- //memcmp( buf, result_pr, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
-
- // mbedtls_ctr_drbg_free( &ctx );
+ mbedtls_ctr_drbg_init(&ctx);
+
+ mbedtls_ctr_drbg_seed_entropy_len(&ctx, mbedtls_entropy_func,
+ (void *)&entropy, nonce_pers_pr, 16, 32);
+
+ ctx_setup = 1;
+ }
+
+ // mbedtls_ctr_drbg_set_prediction_resistance( &ctx, MBEDTLS_CTR_DRBG_PR_ON
+ // );
+
+ mbedtls_ctr_drbg_random(&ctx, pb, cb);
+ // mbedtls_ctr_drbg_random( &ctx, buf, MBEDTLS_CTR_DRBG_BLOCKSIZE );
+ // memcmp( buf, result_pr, MBEDTLS_CTR_DRBG_BLOCKSIZE ) );
+
+ // mbedtls_ctr_drbg_free( &ctx );
}
-int rand_bytes2(void * pv, unsigned char * pb, size_t cb)
+int rand_bytes2(void *pv, unsigned char *pb, size_t cb)
{
UNUSED(pv);
- rand_bytes(pb, cb);
- return 0;
+ rand_bytes(pb, cb);
+ return 0;
}
-//END OF TODO RANDOM BYTES
+// END OF TODO RANDOM BYTES
#if USE_ECDH
/*!
-*
-* @param[in] pRecipent Pointer to the message object
-* @param[in] ppKeyPrivate Address of key with private portion
-* @param[in] pKeyPublic Address of the key w/o a private portion
-* @param[in/out] ppbSecret pointer to buffer to hold the computed secret
-* @param[in/out] pcbSecret size of the computed secret
-* @param[in] context cbor allocation context structure
-* @param[out] perr location to return error information
-* @returns success of the function
-*/
+ *
+ * @param[in] pRecipent Pointer to the message object
+ * @param[in] ppKeyPrivate Address of key with private portion
+ * @param[in] pKeyPublic Address of the key w/o a private portion
+ * @param[in/out] ppbSecret pointer to buffer to hold the computed secret
+ * @param[in/out] pcbSecret size of the computed secret
+ * @param[in] context cbor allocation context structure
+ * @param[out] perr location to return error information
+ * @returns success of the function
+ */
-bool ECDH_ComputeSecret(COSE * pRecipient, cn_cbor ** ppKeyPrivate, const cn_cbor * pKeyPublic, byte ** ppbSecret, size_t * pcbSecret, CBOR_CONTEXT_COMMA cose_errback *perr)
+bool ECDH_ComputeSecret(COSE *pRecipient,
+ cn_cbor **ppKeyPrivate,
+ const cn_cbor *pKeyPublic,
+ byte **ppbSecret,
+ size_t *pcbSecret,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- int cbGroup;
- int cbsecret;
- byte * pbsecret = NULL;
- bool fRet = false;
- mbedtls_ecp_group_id groupId;
- mbedtls_ecp_keypair keypair;
- mbedtls_ecdh_context ctx;
- mbedtls_mpi d;
- cn_cbor * p = NULL;
- mbedtls_mpi z;
- cn_cbor * pkey = NULL;
- int cose_group;
-
- mbedtls_mpi_init(&z);
- mbedtls_ecdh_init(&ctx);
- mbedtls_mpi_init(&d);
- mbedtls_ecp_keypair_init(&keypair);
-
+ int cbGroup;
+ int cbsecret;
+ byte *pbsecret = NULL;
+ bool fRet = false;
+ mbedtls_ecp_group_id groupId;
+ mbedtls_ecp_keypair keypair;
+ mbedtls_ecdh_context ctx;
+ mbedtls_mpi d;
+ cn_cbor *p = NULL;
+ mbedtls_mpi z;
+ cn_cbor *pkey = NULL;
+ int cose_group;
- p = cn_cbor_mapget_int(pKeyPublic, COSE_Key_EC_Curve);
- CHECK_CONDITION((p != NULL) && (p->type == CN_CBOR_UINT), COSE_ERR_INVALID_PARAMETER);
+ mbedtls_mpi_init(&z);
+ mbedtls_ecdh_init(&ctx);
+ mbedtls_mpi_init(&d);
+ mbedtls_ecp_keypair_init(&keypair);
- switch (p->v.uint) {
- case 1: // P-256
- groupId = MBEDTLS_ECP_DP_SECP256R1;
- cbGroup = 256 / 8;
- cose_group = 1;
- break;
+ p = cn_cbor_mapget_int(pKeyPublic, COSE_Key_EC_Curve);
+ CHECK_CONDITION(
+ (p != NULL) && (p->type == CN_CBOR_UINT), COSE_ERR_INVALID_PARAMETER);
- case 2: // P-384
- groupId = MBEDTLS_ECP_DP_SECP384R1;
- cbGroup = 384 / 12;
- cose_group = 2;
- break;
+ switch (p->v.uint) {
+ case 1: // P-256
+ groupId = MBEDTLS_ECP_DP_SECP256R1;
+ cbGroup = 256 / 8;
+ cose_group = 1;
+ break;
- case 3: // P-521
- groupId = MBEDTLS_ECP_DP_SECP521R1;
- cbGroup = (521 + 7) / 8;
- cose_group = 3;
- break;
+ case 2: // P-384
+ groupId = MBEDTLS_ECP_DP_SECP384R1;
+ cbGroup = 384 / 12;
+ cose_group = 2;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- }
+ case 3: // P-521
+ groupId = MBEDTLS_ECP_DP_SECP521R1;
+ cbGroup = (521 + 7) / 8;
+ cose_group = 3;
+ break;
+
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ }
p = NULL;
- mbedtls_ecp_group group = { 0 };
- CHECK_CONDITION0(mbedtls_ecp_group_load(&group, groupId), COSE_ERR_INVALID_PARAMETER);
+ mbedtls_ecp_group group = {0};
+ CHECK_CONDITION0(
+ mbedtls_ecp_group_load(&group, groupId), COSE_ERR_INVALID_PARAMETER);
- if (!ECKey_From(pKeyPublic, &keypair, perr)) goto errorReturn;
+ if (!ECKey_From(pKeyPublic, &keypair, perr))
+ goto errorReturn;
- if (*ppKeyPrivate == NULL) {
- {
- cn_cbor * pCompress = _COSE_map_get_int(pRecipient, COSE_Header_UseCompressedECDH, COSE_BOTH, perr);
- if (pCompress == NULL) FUseCompressed = false;
- else FUseCompressed = (pCompress->type == CN_CBOR_TRUE);
- }
- mbedtls_ecp_keypair privateKeyPair;
- mbedtls_ecp_keypair_init(&privateKeyPair);
+ if (*ppKeyPrivate == NULL) {
+ {
+ cn_cbor *pCompress = _COSE_map_get_int(
+ pRecipient, COSE_Header_UseCompressedECDH, COSE_BOTH, perr);
+ if (pCompress == NULL)
+ FUseCompressed = false;
+ else
+ FUseCompressed = (pCompress->type == CN_CBOR_TRUE);
+ }
+ mbedtls_ecp_keypair privateKeyPair;
+ mbedtls_ecp_keypair_init(&privateKeyPair);
- CHECK_CONDITION0( mbedtls_ecp_gen_key(groupId, &privateKeyPair, rand_bytes2, NULL), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION0( mbedtls_mpi_copy(&d, &privateKeyPair.d), COSE_ERR_CRYPTO_FAIL);
-
- size_t olen = 0;
- byte buff[528 * 2 / 8 + 1];
- CHECK_CONDITION0(mbedtls_ecp_point_write_binary(&group, &privateKeyPair.Q, MBEDTLS_ECP_PF_UNCOMPRESSED,
- &olen, buff, sizeof(buff)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_ecp_gen_key(groupId, &privateKeyPair, rand_bytes2, NULL),
+ COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_mpi_copy(&d, &privateKeyPair.d), COSE_ERR_CRYPTO_FAIL);
- cn_cbor_errback cbor_error;
- int cbSize = (olen - 1)/2;
-
- pkey = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(pkey != NULL, cbor_error);
+ size_t olen = 0;
+ byte buff[528 * 2 / 8 + 1];
+ CHECK_CONDITION0(
+ mbedtls_ecp_point_write_binary(&group, &privateKeyPair.Q,
+ MBEDTLS_ECP_PF_UNCOMPRESSED, &olen, buff, sizeof(buff)),
+ COSE_ERR_CRYPTO_FAIL);
- p = cn_cbor_int_create(cose_group, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Curve, p, CBOR_CONTEXT_PARAM_COMMA perr), cbor_error);
- p = NULL;
-
- pbsecret = COSE_CALLOC(cbSize, 1, context);
- CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
- memcpy(pbsecret, buff + 1, cbSize);
+ cn_cbor_errback cbor_error;
+ int cbSize = (olen - 1) / 2;
- p = cn_cbor_data_create(pbsecret, (int) cbSize, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- pbsecret = NULL;
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_X, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- p = NULL;
-
- pbsecret = COSE_CALLOC(cbSize, 1, context);
- CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
- memcpy(pbsecret, buff + 1 + cbSize, cbSize);
+ pkey = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ CHECK_CONDITION_CBOR(pkey != NULL, cbor_error);
- p = cn_cbor_data_create(pbsecret, cbSize, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- p = NULL;
+ p = cn_cbor_int_create(
+ cose_group, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Curve, p,
+ CBOR_CONTEXT_PARAM_COMMA perr),
+ cbor_error);
+ p = NULL;
- p = cn_cbor_int_create(COSE_Key_Type_EC2, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_Type, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
- p = NULL;
+ pbsecret = COSE_CALLOC(cbSize, 1, context);
+ CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
+ memcpy(pbsecret, buff + 1, cbSize);
- *ppKeyPrivate = pkey;
- pkey = NULL;
- }
- else {
+ p = cn_cbor_data_create(
+ pbsecret, (int)cbSize, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ pbsecret = NULL;
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_X, p,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
+ p = NULL;
+
+ pbsecret = COSE_CALLOC(cbSize, 1, context);
+ CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
+ memcpy(pbsecret, buff + 1 + cbSize, cbSize);
+
+ p = cn_cbor_data_create(
+ pbsecret, cbSize, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
+ p = NULL;
+
+ p = cn_cbor_int_create(
+ COSE_Key_Type_EC2, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ CHECK_CONDITION_CBOR(p != NULL, cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_Type, p,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
+ p = NULL;
+
+ *ppKeyPrivate = pkey;
+ pkey = NULL;
+ } else {
p = cn_cbor_mapget_int(*ppKeyPrivate, COSE_Key_EC_d);
- CHECK_CONDITION(p != NULL, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(p != NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(p->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION0(mbedtls_mpi_read_binary( &d, p->v.bytes, p->length), COSE_ERR_CRYPTO_FAIL);
- }
+ CHECK_CONDITION(p->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION0(mbedtls_mpi_read_binary(&d, p->v.bytes, p->length),
+ COSE_ERR_CRYPTO_FAIL);
+ }
+ CHECK_CONDITION0(
+ mbedtls_ecdh_compute_shared(&group, &z, &keypair.Q, &d, NULL, NULL),
+ COSE_ERR_CRYPTO_FAIL);
+ cbsecret = cbGroup;
+ pbsecret = COSE_CALLOC(cbsecret, 1, context);
+ CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION0( mbedtls_ecdh_compute_shared(&group, &z, &keypair.Q, &d, NULL, NULL), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION0(
+ mbedtls_mpi_write_binary(&z, pbsecret, cbsecret), COSE_ERR_CRYPTO_FAIL);
- cbsecret = cbGroup;
- pbsecret = COSE_CALLOC(cbsecret, 1, context);
- CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
+ *ppbSecret = pbsecret;
+ *pcbSecret = cbsecret;
+ pbsecret = NULL;
- CHECK_CONDITION0(mbedtls_mpi_write_binary(&z, pbsecret, cbsecret), COSE_ERR_CRYPTO_FAIL);
-
- *ppbSecret = pbsecret;
- *pcbSecret = cbsecret;
- pbsecret = NULL;
-
- fRet = true;
+ fRet = true;
errorReturn:
- if (pbsecret != NULL) COSE_FREE(pbsecret, context);
- if (pkey != NULL) CN_CBOR_FREE(pkey, context);
- if (p != NULL) CN_CBOR_FREE(pkey, context);
+ if (pbsecret != NULL)
+ COSE_FREE(pbsecret, context);
+ if (pkey != NULL)
+ CN_CBOR_FREE(pkey, context);
+ if (p != NULL)
+ CN_CBOR_FREE(pkey, context);
- mbedtls_mpi_free(&d);
- mbedtls_mpi_free(&z);
- mbedtls_ecp_group_free(&group);
- mbedtls_ecp_keypair_free(&keypair);
- mbedtls_ecdh_free(&ctx);
- return fRet;
+ mbedtls_mpi_free(&d);
+ mbedtls_mpi_free(&z);
+ mbedtls_ecp_group_free(&group);
+ mbedtls_ecp_keypair_free(&keypair);
+ mbedtls_ecdh_free(&ctx);
+ return fRet;
}
-#endif // USE_ECDH
-#endif // USE_MBED_TLS
+#endif // USE_ECDH
+#endif // USE_MBED_TLS
diff --git a/src/openssl.c b/src/openssl.c
index c1f1e3f..e3b2ccb 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -23,29 +23,33 @@
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
-HMAC_CTX * HMAC_CTX_new()
+HMAC_CTX *HMAC_CTX_new()
{
- HMAC_CTX * foo = malloc(sizeof(HMAC_CTX));
+ HMAC_CTX *foo = malloc(sizeof(HMAC_CTX));
if (foo != NULL) {
HMAC_CTX_init(foo);
}
return foo;
}
-void HMAC_CTX_free(HMAC_CTX * foo)
+void HMAC_CTX_free(HMAC_CTX *foo)
{
- if (foo != NULL) free(foo);
+ if (foo != NULL)
+ free(foo);
}
-void ECDSA_SIG_get0(const ECDSA_SIG * sig, const BIGNUM **pr, const BIGNUM **ps)
+void ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
{
- if (pr != NULL) *pr = sig->r;
- if (ps != NULL) *ps = sig->s;
+ if (pr != NULL)
+ *pr = sig->r;
+ if (ps != NULL)
+ *ps = sig->s;
}
-int ECDSA_SIG_set0(ECDSA_SIG * sig, BIGNUM * r, BIGNUM *s)
+int ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
{
- if (r == NULL || s == NULL) return 0;
+ if (r == NULL || s == NULL)
+ return 0;
BN_clear_free(sig->r);
BN_clear_free(sig->s);
sig->r = r;
@@ -54,18 +58,27 @@
}
#endif
-bool AES_CCM_Decrypt(COSE_Enveloped * pcose, int TSize, int LSize, const byte * pbKey, size_t cbKey, const byte * pbCrypto, size_t cbCrypto, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_CCM_Decrypt(COSE_Enveloped *pcose,
+ int TSize,
+ int LSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbCrypto,
+ size_t cbCrypto,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
EVP_CIPHER_CTX *ctx;
int cbOut;
- byte * rgbOut = NULL;
- int NSize = 15 - (LSize/8);
+ byte *rgbOut = NULL;
+ int NSize = 15 - (LSize / 8);
int outl = 0;
- byte rgbIV[15] = { 0 };
- const cn_cbor * pIV = NULL;
- const EVP_CIPHER * cipher;
+ byte rgbIV[15] = {0};
+ const cn_cbor *pIV = NULL;
+ const EVP_CIPHER *cipher;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
ctx = EVP_CIPHER_CTX_new();
@@ -74,11 +87,13 @@
// Setup the IV/Nonce and put it into the message
pIV = _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, NULL);
- if ((pIV == NULL) || (pIV->type!= CN_CBOR_BYTES)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if ((pIV == NULL) || (pIV->type != CN_CBOR_BYTES)) {
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
errorReturn:
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
EVP_CIPHER_CTX_free(ctx);
return false;
}
@@ -89,41 +104,53 @@
// Setup and run the OpenSSL code
switch (cbKey) {
- case 128/8:
- cipher = EVP_aes_128_ccm();
- break;
+ case 128 / 8:
+ cipher = EVP_aes_128_ccm();
+ break;
- case 192/8:
- cipher = EVP_aes_192_ccm();
- break;
+ case 192 / 8:
+ cipher = EVP_aes_192_ccm();
+ break;
- case 256/8:
- cipher = EVP_aes_256_ccm();
- break;
+ case 256 / 8:
+ cipher = EVP_aes_256_ccm();
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
- CHECK_CONDITION(EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL),
+ COSE_ERR_DECRYPT_FAILED);
- TSize /= 8; // Comes in in bits not bytes.
- CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, (LSize/8), 0), COSE_ERR_DECRYPT_FAILED);
- // CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, NSize, 0), COSE_ERR_DECRYPT_FAILED);
- CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, TSize, (void *) &pbCrypto[cbCrypto - TSize]), COSE_ERR_DECRYPT_FAILED);
-
- CHECK_CONDITION(EVP_DecryptInit_ex(ctx, 0, NULL, pbKey, rgbIV), COSE_ERR_DECRYPT_FAILED);
+ TSize /= 8; // Comes in in bits not bytes.
+ CHECK_CONDITION(
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, (LSize / 8), 0),
+ COSE_ERR_DECRYPT_FAILED);
+ // CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, NSize,
+ // 0), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, TSize,
+ (void *)&pbCrypto[cbCrypto - TSize]),
+ COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(EVP_DecryptInit_ex(ctx, 0, NULL, pbKey, rgbIV),
+ COSE_ERR_DECRYPT_FAILED);
- CHECK_CONDITION(EVP_DecryptUpdate(ctx, NULL, &cbOut, NULL, (int) cbCrypto - TSize), COSE_ERR_DECRYPT_FAILED);
-
- cbOut = (int) cbCrypto - TSize;
+ CHECK_CONDITION(
+ EVP_DecryptUpdate(ctx, NULL, &cbOut, NULL, (int)cbCrypto - TSize),
+ COSE_ERR_DECRYPT_FAILED);
+
+ cbOut = (int)cbCrypto - TSize;
rgbOut = (byte *)COSE_CALLOC(cbOut, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EVP_DecryptUpdate(ctx, NULL, &outl, pbAuthData, (int) cbAuthData), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(
+ EVP_DecryptUpdate(ctx, NULL, &outl, pbAuthData, (int)cbAuthData),
+ COSE_ERR_DECRYPT_FAILED);
- CHECK_CONDITION(EVP_DecryptUpdate(ctx, rgbOut, &cbOut, pbCrypto, (int) cbCrypto - TSize), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(
+ EVP_DecryptUpdate(ctx, rgbOut, &cbOut, pbCrypto, (int)cbCrypto - TSize),
+ COSE_ERR_DECRYPT_FAILED);
EVP_CIPHER_CTX_free(ctx);
@@ -133,119 +160,157 @@
return true;
}
-
-bool AES_CCM_Encrypt(COSE_Enveloped * pcose, int TSize, int LSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_CCM_Encrypt(COSE_Enveloped *pcose,
+ int TSize,
+ int LSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
EVP_CIPHER_CTX *ctx;
int cbOut;
- byte * rgbOut = NULL;
- int NSize = 15 - (LSize/8);
+ byte *rgbOut = NULL;
+ int NSize = 15 - (LSize / 8);
int outl = 0;
- const cn_cbor * cbor_iv = NULL;
- cn_cbor * cbor_iv_t = NULL;
+ const cn_cbor *cbor_iv = NULL;
+ cn_cbor *cbor_iv_t = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
- cn_cbor * cnTmp = NULL;
- const EVP_CIPHER * cipher;
+ cn_cbor *cnTmp = NULL;
+ const EVP_CIPHER *cipher;
byte rgbIV[16];
- byte * pbIV = NULL;
+ byte *pbIV = NULL;
cn_cbor_errback cbor_error;
ctx = EVP_CIPHER_CTX_new();
CHECK_CONDITION(NULL != ctx, COSE_ERR_OUT_OF_MEMORY);
- switch (cbKey*8) {
- case 128:
- cipher = EVP_aes_128_ccm();
- break;
+ switch (cbKey * 8) {
+ case 128:
+ cipher = EVP_aes_128_ccm();
+ break;
- case 192:
- cipher = EVP_aes_192_ccm();
- break;
+ case 192:
+ cipher = EVP_aes_192_ccm();
+ break;
- case 256:
- cipher = EVP_aes_256_ccm();
- break;
+ case 256:
+ cipher = EVP_aes_256_ccm();
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
-
+
// Setup the IV/Nonce and put it into the message
-
- cbor_iv = _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, perr);
+
+ cbor_iv =
+ _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, perr);
if (cbor_iv == NULL) {
pbIV = COSE_CALLOC(NSize, 1, context);
CHECK_CONDITION(pbIV != NULL, COSE_ERR_OUT_OF_MEMORY);
rand_bytes(pbIV, NSize);
memcpy(rgbIV, pbIV, NSize);
- cbor_iv_t = cn_cbor_data_create(pbIV, NSize, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cbor_iv_t = cn_cbor_data_create(
+ pbIV, NSize, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor_iv_t != NULL, cbor_error);
pbIV = NULL;
- if (!_COSE_map_put(&pcose->m_message, COSE_Header_IV, cbor_iv_t, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!_COSE_map_put(&pcose->m_message, COSE_Header_IV, cbor_iv_t,
+ COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
cbor_iv_t = NULL;
- }
- else {
- CHECK_CONDITION(cbor_iv->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ } else {
+ CHECK_CONDITION(
+ cbor_iv->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION(cbor_iv->length == NSize, COSE_ERR_INVALID_PARAMETER);
memcpy(rgbIV, cbor_iv->v.str, cbor_iv->length);
}
// Setup and run the OpenSSL code
- CHECK_CONDITION(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL),
+ COSE_ERR_CRYPTO_FAIL);
- TSize /= 8; // Comes in in bits not bytes.
- CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, (LSize/8), 0), COSE_ERR_CRYPTO_FAIL);
- // CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, NSize, 0), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, TSize, NULL), COSE_ERR_CRYPTO_FAIL); // Say we are doing an 8 byte tag
+ TSize /= 8; // Comes in in bits not bytes.
+ CHECK_CONDITION(
+ EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, (LSize / 8), 0),
+ COSE_ERR_CRYPTO_FAIL);
+ // CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_CCM_SET_IVLEN, NSize,
+ // 0), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, TSize, NULL),
+ COSE_ERR_CRYPTO_FAIL); // Say we are doing an 8 byte tag
- CHECK_CONDITION(EVP_EncryptInit_ex(ctx, 0, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_EncryptInit_ex(ctx, 0, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, 0, &cbOut, 0, (int) pcose->cbContent), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(ctx, 0, &cbOut, 0, (int)pcose->cbContent),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, NULL, &outl, pbAuthData, (int) cbAuthData), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_EncryptUpdate(ctx, NULL, &outl, pbAuthData, (int)cbAuthData),
+ COSE_ERR_CRYPTO_FAIL);
- rgbOut = (byte *)COSE_CALLOC(cbOut+TSize, 1, context);
+ rgbOut = (byte *)COSE_CALLOC(cbOut + TSize, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pcose->pbContent, (int) pcose->cbContent), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pcose->pbContent,
+ (int)pcose->cbContent),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptFinal_ex(ctx, &rgbOut[cbOut], &cbOut), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_EncryptFinal_ex(ctx, &rgbOut[cbOut], &cbOut), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, TSize, &rgbOut[pcose->cbContent]), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG, TSize,
+ &rgbOut[pcose->cbContent]),
+ COSE_ERR_CRYPTO_FAIL);
- cnTmp = cn_cbor_data_create(rgbOut, (int)pcose->cbContent + TSize, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cnTmp = cn_cbor_data_create(
+ rgbOut, (int)pcose->cbContent + TSize, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
rgbOut = NULL;
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
cnTmp = NULL;
EVP_CIPHER_CTX_free(ctx);
return true;
errorReturn:
- if (pbIV != NULL) COSE_FREE(pbIV, context);
- if (cbor_iv_t != NULL) COSE_FREE(cbor_iv_t, context);
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
- if (cnTmp != NULL) COSE_FREE(cnTmp, context);
+ if (pbIV != NULL)
+ COSE_FREE(pbIV, context);
+ if (cbor_iv_t != NULL)
+ COSE_FREE(cbor_iv_t, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
+ if (cnTmp != NULL)
+ COSE_FREE(cnTmp, context);
EVP_CIPHER_CTX_free(ctx);
return false;
}
-bool AES_GCM_Decrypt(COSE_Enveloped * pcose, const byte * pbKey, size_t cbKey, const byte * pbCrypto, size_t cbCrypto, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_GCM_Decrypt(COSE_Enveloped *pcose,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbCrypto,
+ size_t cbCrypto,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
EVP_CIPHER_CTX *ctx;
int cbOut;
- byte * rgbOut = NULL;
+ byte *rgbOut = NULL;
int outl = 0;
- byte rgbIV[15] = { 0 };
- const cn_cbor * pIV = NULL;
- const EVP_CIPHER * cipher;
+ byte rgbIV[15] = {0};
+ const cn_cbor *pIV = NULL;
+ const EVP_CIPHER *cipher;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
int TSize = 128 / 8;
@@ -256,50 +321,58 @@
pIV = _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, NULL);
if ((pIV == NULL) || (pIV->type != CN_CBOR_BYTES)) {
- if (perr != NULL) perr->err = COSE_ERR_INVALID_PARAMETER;
+ if (perr != NULL)
+ perr->err = COSE_ERR_INVALID_PARAMETER;
errorReturn:
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
EVP_CIPHER_CTX_free(ctx);
return false;
}
- CHECK_CONDITION(pIV->length == 96/8, COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(pIV->length == 96 / 8, COSE_ERR_INVALID_PARAMETER);
memcpy(rgbIV, pIV->v.str, pIV->length);
// Setup and run the OpenSSL code
switch (cbKey) {
- case 128 / 8:
- cipher = EVP_aes_128_gcm();
- break;
+ case 128 / 8:
+ cipher = EVP_aes_128_gcm();
+ break;
- case 192 / 8:
- cipher = EVP_aes_192_gcm();
- break;
+ case 192 / 8:
+ cipher = EVP_aes_192_gcm();
+ break;
- case 256 / 8:
- cipher = EVP_aes_256_gcm();
- break;
+ case 256 / 8:
+ cipher = EVP_aes_256_gcm();
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
// Do the setup for OpenSSL
- CHECK_CONDITION(EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL),
+ COSE_ERR_DECRYPT_FAILED);
- CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, TSize, (void *)&pbCrypto[cbCrypto - TSize]), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, TSize,
+ (void *)&pbCrypto[cbCrypto - TSize]),
+ COSE_ERR_DECRYPT_FAILED);
- CHECK_CONDITION(EVP_DecryptInit_ex(ctx, 0, NULL, pbKey, rgbIV), COSE_ERR_DECRYPT_FAILED);
-
+ CHECK_CONDITION(EVP_DecryptInit_ex(ctx, 0, NULL, pbKey, rgbIV),
+ COSE_ERR_DECRYPT_FAILED);
+
// Pus in the AAD
- CHECK_CONDITION(EVP_DecryptUpdate(ctx, NULL, &outl, pbAuthData, (int) cbAuthData), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(
+ EVP_DecryptUpdate(ctx, NULL, &outl, pbAuthData, (int)cbAuthData),
+ COSE_ERR_DECRYPT_FAILED);
- //
+ //
cbOut = (int)cbCrypto - TSize;
rgbOut = (byte *)COSE_CALLOC(cbOut, 1, context);
@@ -307,15 +380,20 @@
// Process content
- CHECK_CONDITION(EVP_DecryptUpdate(ctx, rgbOut, &cbOut, pbCrypto, (int)cbCrypto - TSize), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(
+ EVP_DecryptUpdate(ctx, rgbOut, &cbOut, pbCrypto, (int)cbCrypto - TSize),
+ COSE_ERR_DECRYPT_FAILED);
// Process Tag
- CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, TSize, (byte *)pbCrypto + cbCrypto - TSize), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, TSize,
+ (byte *)pbCrypto + cbCrypto - TSize),
+ COSE_ERR_DECRYPT_FAILED);
// Check the result
- CHECK_CONDITION(EVP_DecryptFinal(ctx, rgbOut + cbOut, &cbOut), COSE_ERR_DECRYPT_FAILED);
+ CHECK_CONDITION(
+ EVP_DecryptFinal(ctx, rgbOut + cbOut, &cbOut), COSE_ERR_DECRYPT_FAILED);
EVP_CIPHER_CTX_free(ctx);
@@ -325,19 +403,24 @@
return true;
}
-bool AES_GCM_Encrypt(COSE_Enveloped * pcose, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_GCM_Encrypt(COSE_Enveloped *pcose,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
EVP_CIPHER_CTX *ctx;
int cbOut;
- byte * rgbOut = NULL;
+ byte *rgbOut = NULL;
int outl = 0;
- byte rgbIV[16] = { 0 };
- byte * pbIV = NULL;
- const cn_cbor * cbor_iv = NULL;
- cn_cbor * cbor_iv_t = NULL;
- const EVP_CIPHER * cipher;
+ byte rgbIV[16] = {0};
+ byte *pbIV = NULL;
+ const cn_cbor *cbor_iv = NULL;
+ cn_cbor *cbor_iv_t = NULL;
+ const EVP_CIPHER *cipher;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
cn_cbor_errback cbor_error;
@@ -347,90 +430,113 @@
// Setup the IV/Nonce and put it into the message
- cbor_iv = _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, perr);
+ cbor_iv =
+ _COSE_map_get_int(&pcose->m_message, COSE_Header_IV, COSE_BOTH, perr);
if (cbor_iv == NULL) {
pbIV = COSE_CALLOC(96, 1, context);
CHECK_CONDITION(pbIV != NULL, COSE_ERR_OUT_OF_MEMORY);
rand_bytes(pbIV, 96 / 8);
memcpy(rgbIV, pbIV, 96 / 8);
- cbor_iv_t = cn_cbor_data_create(pbIV, 96 / 8, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ cbor_iv_t = cn_cbor_data_create(
+ pbIV, 96 / 8, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(cbor_iv_t != NULL, cbor_error);
pbIV = NULL;
- if (!_COSE_map_put(&pcose->m_message, COSE_Header_IV, cbor_iv_t, COSE_UNPROTECT_ONLY, perr)) goto errorReturn;
+ if (!_COSE_map_put(&pcose->m_message, COSE_Header_IV, cbor_iv_t,
+ COSE_UNPROTECT_ONLY, perr))
+ goto errorReturn;
cbor_iv_t = NULL;
- }
- else {
- CHECK_CONDITION(cbor_iv->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
+ } else {
+ CHECK_CONDITION(
+ cbor_iv->type == CN_CBOR_BYTES, COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION(cbor_iv->length == 96 / 8, COSE_ERR_INVALID_PARAMETER);
memcpy(rgbIV, cbor_iv->v.str, cbor_iv->length);
}
+ switch (cbKey * 8) {
+ case 128:
+ cipher = EVP_aes_128_gcm();
+ break;
- switch (cbKey*8) {
- case 128:
- cipher = EVP_aes_128_gcm();
- break;
+ case 192:
+ cipher = EVP_aes_192_gcm();
+ break;
- case 192:
- cipher = EVP_aes_192_gcm();
- break;
+ case 256:
+ cipher = EVP_aes_256_gcm();
+ break;
- case 256:
- cipher = EVP_aes_256_gcm();
- break;
-
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
- break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
// Setup and run the OpenSSL code
- CHECK_CONDITION(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptInit_ex(ctx, 0, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_EncryptInit_ex(ctx, 0, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, NULL, &outl, pbAuthData, (int) cbAuthData), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_EncryptUpdate(ctx, NULL, &outl, pbAuthData, (int)cbAuthData),
+ COSE_ERR_CRYPTO_FAIL);
- rgbOut = (byte *)COSE_CALLOC(pcose->cbContent + 128/8, 1, context);
+ rgbOut = (byte *)COSE_CALLOC(pcose->cbContent + 128 / 8, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pcose->pbContent, (int)pcose->cbContent), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pcose->pbContent,
+ (int)pcose->cbContent),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptFinal_ex(ctx, &rgbOut[cbOut], &cbOut), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_EncryptFinal_ex(ctx, &rgbOut[cbOut], &cbOut), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 128/8, &rgbOut[pcose->cbContent]), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 128 / 8,
+ &rgbOut[pcose->cbContent]),
+ COSE_ERR_CRYPTO_FAIL);
- cn_cbor * cnTmp = cn_cbor_data_create(rgbOut, (int)pcose->cbContent + 128/8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cnTmp = cn_cbor_data_create(
+ rgbOut, (int)pcose->cbContent + 128 / 8, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
rgbOut = NULL;
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cnTmp, INDEX_BODY,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
EVP_CIPHER_CTX_free(ctx);
return true;
errorReturn:
- if (pbIV != NULL) COSE_FREE(pbIV, context);
- if (cbor_iv_t != NULL) COSE_FREE(cbor_iv_t, context);
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
+ if (pbIV != NULL)
+ COSE_FREE(pbIV, context);
+ if (cbor_iv_t != NULL)
+ COSE_FREE(cbor_iv_t, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
EVP_CIPHER_CTX_free(ctx);
return false;
}
-
-bool AES_CBC_MAC_Create(COSE_MacMessage * pcose, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_CBC_MAC_Create(COSE_MacMessage *pcose,
+ int TSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
- const EVP_CIPHER * pcipher = NULL;
+ const EVP_CIPHER *pcipher = NULL;
EVP_CIPHER_CTX *ctx;
int cbOut;
- byte rgbIV[16] = { 0 };
- byte * rgbOut = NULL;
+ byte rgbIV[16] = {0};
+ byte *rgbOut = NULL;
bool f = false;
unsigned int i;
- cn_cbor * cn = NULL;
+ cn_cbor *cn = NULL;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
ctx = EVP_CIPHER_CTX_new();
@@ -439,91 +545,116 @@
rgbOut = COSE_CALLOC(16, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- switch (cbKey*8) {
- case 128:
- pcipher = EVP_aes_128_cbc();
- break;
+ switch (cbKey * 8) {
+ case 128:
+ pcipher = EVP_aes_128_cbc();
+ break;
- case 256:
- pcipher = EVP_aes_256_cbc();
- break;
+ case 256:
+ pcipher = EVP_aes_256_cbc();
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
// Setup and run the OpenSSL code
- CHECK_CONDITION(EVP_EncryptInit_ex(ctx, pcipher, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptInit_ex(ctx, pcipher, NULL, pbKey, rgbIV),
+ COSE_ERR_CRYPTO_FAIL);
for (i = 0; i < (unsigned int)cbAuthData / 16; i++) {
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pbAuthData + (i * 16), 16), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pbAuthData + (i * 16), 16),
+ COSE_ERR_CRYPTO_FAIL);
}
if (cbAuthData % 16 != 0) {
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pbAuthData + (i * 16), cbAuthData % 16), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, rgbIV, 16 - (cbAuthData % 16)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut,
+ pbAuthData + (i * 16), cbAuthData % 16),
+ COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(
+ ctx, rgbOut, &cbOut, rgbIV, 16 - (cbAuthData % 16)),
+ COSE_ERR_CRYPTO_FAIL);
}
cn = cn_cbor_data_create(rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cn != NULL, COSE_ERR_OUT_OF_MEMORY);
rgbOut = NULL;
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn, INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn, INDEX_MAC_TAG,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
cn = NULL;
EVP_CIPHER_CTX_free(ctx);
return !f;
errorReturn:
- if (rgbOut != NULL) COSE_FREE(rgbOut, context);
- if (cn != NULL) CN_CBOR_FREE(cn, context);
+ if (rgbOut != NULL)
+ COSE_FREE(rgbOut, context);
+ if (cn != NULL)
+ CN_CBOR_FREE(cn, context);
EVP_CIPHER_CTX_free(ctx);
return false;
}
-bool AES_CBC_MAC_Validate(COSE_MacMessage * pcose, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool AES_CBC_MAC_Validate(COSE_MacMessage *pcose,
+ int TSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
- const EVP_CIPHER * pcipher = NULL;
+ const EVP_CIPHER *pcipher = NULL;
EVP_CIPHER_CTX *ctx = NULL;
int cbOut;
- byte rgbIV[16] = { 0 };
- byte rgbTag[16] = { 0 };
+ byte rgbIV[16] = {0};
+ byte rgbTag[16] = {0};
bool f = false;
unsigned int i;
- switch (cbKey*8) {
- case 128:
- pcipher = EVP_aes_128_cbc();
- break;
+ switch (cbKey * 8) {
+ case 128:
+ pcipher = EVP_aes_128_cbc();
+ break;
- case 256:
- pcipher = EVP_aes_256_cbc();
- break;
+ case 256:
+ pcipher = EVP_aes_256_cbc();
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
// Setup and run the OpenSSL code
ctx = EVP_CIPHER_CTX_new();
CHECK_CONDITION(NULL != ctx, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EVP_EncryptInit_ex(ctx, pcipher, NULL, pbKey, rgbIV), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptInit_ex(ctx, pcipher, NULL, pbKey, rgbIV),
+ COSE_ERR_CRYPTO_FAIL);
TSize /= 8;
- for (i = 0; i < (unsigned int) cbAuthData / 16; i++) {
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbTag, &cbOut, pbAuthData+(i*16), 16), COSE_ERR_CRYPTO_FAIL);
+ for (i = 0; i < (unsigned int)cbAuthData / 16; i++) {
+ CHECK_CONDITION(
+ EVP_EncryptUpdate(ctx, rgbTag, &cbOut, pbAuthData + (i * 16), 16),
+ COSE_ERR_CRYPTO_FAIL);
}
if (cbAuthData % 16 != 0) {
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbTag, &cbOut, pbAuthData + (i * 16), cbAuthData % 16), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbTag, &cbOut, rgbIV, 16 - (cbAuthData % 16)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbTag, &cbOut,
+ pbAuthData + (i * 16), cbAuthData % 16),
+ COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(
+ ctx, rgbTag, &cbOut, rgbIV, 16 - (cbAuthData % 16)),
+ COSE_ERR_CRYPTO_FAIL);
}
- cn_cbor * cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
+ cn_cbor *cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
CHECK_CONDITION(cn != NULL, COSE_ERR_CBOR);
- for (i = 0; i < (unsigned int)TSize; i++) f |= (cn->v.bytes[i] != rgbTag[i]);
+ for (i = 0; i < (unsigned int)TSize; i++)
+ f |= (cn->v.bytes[i] != rgbTag[i]);
EVP_CIPHER_CTX_free(ctx);
return !f;
@@ -582,12 +713,20 @@
}
#endif
-bool HKDF_AES_Expand(COSE * pcose, size_t cbitKey, const byte * pbPRK, size_t cbPRK, const byte * pbInfo, size_t cbInfo, byte * pbOutput, size_t cbOutput, cose_errback * perr)
+bool HKDF_AES_Expand(COSE *pcose,
+ size_t cbitKey,
+ const byte *pbPRK,
+ size_t cbPRK,
+ const byte *pbInfo,
+ size_t cbInfo,
+ byte *pbOutput,
+ size_t cbOutput,
+ cose_errback *perr)
{
- const EVP_CIPHER * pcipher = NULL;
+ const EVP_CIPHER *pcipher = NULL;
EVP_CIPHER_CTX *ctx;
int cbOut;
- byte rgbIV[16] = { 0 };
+ byte rgbIV[16] = {0};
byte bCount = 1;
size_t ib;
byte rgbDigest[128 / 8];
@@ -600,34 +739,41 @@
CHECK_CONDITION(NULL != ctx, COSE_ERR_OUT_OF_MEMORY);
switch (cbitKey) {
- case 128:
- pcipher = EVP_aes_128_cbc();
- break;
+ case 128:
+ pcipher = EVP_aes_128_cbc();
+ break;
- case 256:
- pcipher = EVP_aes_256_cbc();
- break;
+ case 256:
+ pcipher = EVP_aes_256_cbc();
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
CHECK_CONDITION(cbPRK == cbitKey / 8, COSE_ERR_INVALID_PARAMETER);
// Setup and run the OpenSSL code
-
for (ib = 0; ib < cbOutput; ib += 16, bCount += 1) {
size_t ib2;
- CHECK_CONDITION(EVP_EncryptInit_ex(ctx, pcipher, NULL, pbPRK, rgbIV), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptInit_ex(ctx, pcipher, NULL, pbPRK, rgbIV),
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, rgbDigest, cbDigest), COSE_ERR_CRYPTO_FAIL);
- for (ib2 = 0; ib2 < cbInfo; ib2+=16) {
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pbInfo+ib2, (int) MIN(16, cbInfo-ib2)), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_EncryptUpdate(ctx, rgbOut, &cbOut, rgbDigest, cbDigest),
+ COSE_ERR_CRYPTO_FAIL);
+ for (ib2 = 0; ib2 < cbInfo; ib2 += 16) {
+ CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, pbInfo + ib2,
+ (int)MIN(16, cbInfo - ib2)),
+ COSE_ERR_CRYPTO_FAIL);
}
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, &bCount, 1), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, &bCount, 1),
+ COSE_ERR_CRYPTO_FAIL);
if ((cbInfo + 1) % 16 != 0) {
- CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, rgbIV, (int) 16-(cbInfo+1)%16), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_EncryptUpdate(ctx, rgbOut, &cbOut, rgbIV,
+ (int)16 - (cbInfo + 1) % 16),
+ COSE_ERR_CRYPTO_FAIL);
}
memcpy(rgbDigest, rgbOut, cbOut);
cbDigest = cbOut;
@@ -642,14 +788,19 @@
return false;
}
-
-bool HKDF_Extract(COSE * pcose, const byte * pbKey, size_t cbKey, size_t cbitDigest, byte * rgbDigest, size_t * pcbDigest, CBOR_CONTEXT_COMMA cose_errback * perr)
+bool HKDF_Extract(COSE *pcose,
+ const byte *pbKey,
+ size_t cbKey,
+ size_t cbitDigest,
+ byte *rgbDigest,
+ size_t *pcbDigest,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- byte rgbSalt[EVP_MAX_MD_SIZE] = { 0 };
+ byte rgbSalt[EVP_MAX_MD_SIZE] = {0};
int cbSalt;
- cn_cbor * cnSalt;
+ cn_cbor *cnSalt;
HMAC_CTX *ctx;
- const EVP_MD * pmd = NULL;
+ const EVP_MD *pmd = NULL;
unsigned int cbDigest;
ctx = HMAC_CTX_new();
@@ -662,31 +813,53 @@
}
switch (cbitDigest) {
- case 256: pmd = EVP_sha256(); cbSalt = 256 / 8; break;
- case 384: pmd = EVP_sha384(); cbSalt = 384 / 8; break;
- case 512: pmd = EVP_sha512(); cbSalt = 512 / 8; break;
- default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
+ case 256:
+ pmd = EVP_sha256();
+ cbSalt = 256 / 8;
+ break;
+ case 384:
+ pmd = EVP_sha384();
+ cbSalt = 384 / 8;
+ break;
+ case 512:
+ pmd = EVP_sha512();
+ cbSalt = 512 / 8;
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
cnSalt = _COSE_map_get_int(pcose, COSE_Header_HKDF_salt, COSE_BOTH, perr);
if (cnSalt != NULL) {
- CHECK_CONDITION(HMAC_Init_ex(ctx, cnSalt->v.bytes, (int) cnSalt->length, pmd, NULL), COSE_ERR_CRYPTO_FAIL);
- }
- else {
- CHECK_CONDITION(HMAC_Init_ex(ctx, rgbSalt, cbSalt, pmd, NULL), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ HMAC_Init_ex(ctx, cnSalt->v.bytes, (int)cnSalt->length, pmd, NULL),
+ COSE_ERR_CRYPTO_FAIL);
+ } else {
+ CHECK_CONDITION(HMAC_Init_ex(ctx, rgbSalt, cbSalt, pmd, NULL),
+ COSE_ERR_CRYPTO_FAIL);
}
CHECK_CONDITION(HMAC_Update(ctx, pbKey, (int)cbKey), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(HMAC_Final(ctx, rgbDigest, &cbDigest), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ HMAC_Final(ctx, rgbDigest, &cbDigest), COSE_ERR_CRYPTO_FAIL);
*pcbDigest = cbDigest;
HMAC_CTX_free(ctx);
return true;
}
-bool HKDF_Expand(COSE * pcose, size_t cbitDigest, const byte * pbPRK, size_t cbPRK, const byte * pbInfo, size_t cbInfo, byte * pbOutput, size_t cbOutput, cose_errback * perr)
+bool HKDF_Expand(COSE *pcose,
+ size_t cbitDigest,
+ const byte *pbPRK,
+ size_t cbPRK,
+ const byte *pbInfo,
+ size_t cbInfo,
+ byte *pbOutput,
+ size_t cbOutput,
+ cose_errback *perr)
{
HMAC_CTX *ctx;
- const EVP_MD * pmd = NULL;
+ const EVP_MD *pmd = NULL;
size_t ib;
unsigned int cbDigest = 0;
byte rgbDigest[EVP_MAX_MD_SIZE];
@@ -704,36 +877,52 @@
}
switch (cbitDigest) {
- case 256: pmd = EVP_sha256(); break;
- case 384: pmd = EVP_sha384(); break;
- case 512: pmd = EVP_sha512(); break;
- default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
+ case 256:
+ pmd = EVP_sha256();
+ break;
+ case 384:
+ pmd = EVP_sha384();
+ break;
+ case 512:
+ pmd = EVP_sha512();
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
-
for (ib = 0; ib < cbOutput; ib += cbDigest, bCount += 1) {
- CHECK_CONDITION(HMAC_Init_ex(ctx, pbPRK, (int)cbPRK, pmd, NULL), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(HMAC_Update(ctx, rgbDigest, cbDigest), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(HMAC_Init_ex(ctx, pbPRK, (int)cbPRK, pmd, NULL),
+ COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ HMAC_Update(ctx, rgbDigest, cbDigest), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(HMAC_Update(ctx, pbInfo, cbInfo), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(HMAC_Update(ctx, &bCount, 1), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(HMAC_Final(ctx, rgbDigest, &cbDigest), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ HMAC_Final(ctx, rgbDigest, &cbDigest), COSE_ERR_CRYPTO_FAIL);
memcpy(pbOutput + ib, rgbDigest, MIN(cbDigest, cbOutput - ib));
}
HMAC_CTX_free(ctx);
return true;
-
}
-bool HMAC_Create(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool HMAC_Create(COSE_MacMessage *pcose,
+ int HSize,
+ int TSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
HMAC_CTX *ctx;
- const EVP_MD * pmd = NULL;
- byte * rgbOut = NULL;
+ const EVP_MD *pmd = NULL;
+ byte *rgbOut = NULL;
unsigned int cbOut;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
ctx = HMAC_CTX_new();
@@ -747,59 +936,92 @@
}
switch (HSize) {
- case 256: pmd = EVP_sha256(); break;
- case 384: pmd = EVP_sha384(); break;
- case 512: pmd = EVP_sha512(); break;
- default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
+ case 256:
+ pmd = EVP_sha256();
+ break;
+ case 384:
+ pmd = EVP_sha384();
+ break;
+ case 512:
+ pmd = EVP_sha512();
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
rgbOut = COSE_CALLOC(EVP_MAX_MD_SIZE, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(HMAC_Init_ex(ctx, pbKey, (int) cbKey, pmd, NULL), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(HMAC_Update(ctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ HMAC_Init_ex(ctx, pbKey, (int)cbKey, pmd, NULL), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ HMAC_Update(ctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(HMAC_Final(ctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_message, cn_cbor_data_create(rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL), INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_message,
+ cn_cbor_data_create(
+ rgbOut, TSize / 8, CBOR_CONTEXT_PARAM_COMMA NULL),
+ INDEX_MAC_TAG, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
HMAC_CTX_free(ctx);
return true;
}
-bool HMAC_Validate(COSE_MacMessage * pcose, int HSize, int TSize, const byte * pbKey, size_t cbKey, const byte * pbAuthData, size_t cbAuthData, cose_errback * perr)
+bool HMAC_Validate(COSE_MacMessage *pcose,
+ int HSize,
+ int TSize,
+ const byte *pbKey,
+ size_t cbKey,
+ const byte *pbAuthData,
+ size_t cbAuthData,
+ cose_errback *perr)
{
HMAC_CTX *ctx;
- const EVP_MD * pmd = NULL;
- byte * rgbOut = NULL;
+ const EVP_MD *pmd = NULL;
+ byte *rgbOut = NULL;
unsigned int cbOut;
bool f = false;
unsigned int i;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_message.m_allocContext;
#endif
ctx = HMAC_CTX_new();
CHECK_CONDITION(ctx != NULL, COSE_ERR_OUT_OF_MEMORY);
switch (HSize) {
- case 256: pmd = EVP_sha256(); break;
- case 384: pmd = EVP_sha384(); break;
- case 512: pmd = EVP_sha512(); break;
- default: FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER); break;
+ case 256:
+ pmd = EVP_sha256();
+ break;
+ case 384:
+ pmd = EVP_sha384();
+ break;
+ case 512:
+ pmd = EVP_sha512();
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ break;
}
rgbOut = COSE_CALLOC(EVP_MAX_MD_SIZE, 1, context);
CHECK_CONDITION(rgbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(HMAC_Init_ex(ctx, pbKey, (int) cbKey, pmd, NULL), COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(HMAC_Update(ctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ HMAC_Init_ex(ctx, pbKey, (int)cbKey, pmd, NULL), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ HMAC_Update(ctx, pbAuthData, cbAuthData), COSE_ERR_CRYPTO_FAIL);
CHECK_CONDITION(HMAC_Final(ctx, rgbOut, &cbOut), COSE_ERR_CRYPTO_FAIL);
- cn_cbor * cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
+ cn_cbor *cn = _COSE_arrayget_int(&pcose->m_message, INDEX_MAC_TAG);
CHECK_CONDITION(cn != NULL, COSE_ERR_CBOR);
- if (cn->length > (int) cbOut) return false;
- for (i = 0; i < (unsigned int) TSize/8; i++) f |= (cn->v.bytes[i] != rgbOut[i]);
+ if (cn->length > (int)cbOut)
+ return false;
+ for (i = 0; i < (unsigned int)TSize / 8; i++)
+ f |= (cn->v.bytes[i] != rgbOut[i]);
HMAC_CTX_free(ctx);
return !f;
@@ -810,53 +1032,53 @@
return false;
}
-
#define COSE_Key_EC_Curve -1
#define COSE_Key_EC_X -2
#define COSE_Key_EC_Y -3
#define COSE_Key_EC_d -4
-EC_KEY * ECKey_From(const cn_cbor * pKey, int * cbGroup, cose_errback * perr)
+EC_KEY *ECKey_From(const cn_cbor *pKey, int *cbGroup, cose_errback *perr)
{
- EC_KEY * pNewKey = EC_KEY_new();
- byte rgbKey[512+1];
+ EC_KEY *pNewKey = EC_KEY_new();
+ byte rgbKey[512 + 1];
int cbKey;
- const cn_cbor * p;
+ const cn_cbor *p;
int nidGroup = -1;
- EC_POINT * pPoint = NULL;
+ EC_POINT *pPoint = NULL;
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_Curve);
CHECK_CONDITION(p != NULL, COSE_ERR_INVALID_PARAMETER);
switch (p->v.sint) {
- case 1: // P-256
- nidGroup = NID_X9_62_prime256v1;
- *cbGroup = 256 / 8;
- break;
+ case 1: // P-256
+ nidGroup = NID_X9_62_prime256v1;
+ *cbGroup = 256 / 8;
+ break;
- case 2: // P-384
- nidGroup = NID_secp384r1;
- *cbGroup = 384 / 8;
- break;
+ case 2: // P-384
+ nidGroup = NID_secp384r1;
+ *cbGroup = 384 / 8;
+ break;
- case 3: // P-521
- nidGroup = NID_secp521r1;
- *cbGroup = (521 + 7) / 8;
- break;
+ case 3: // P-521
+ nidGroup = NID_secp521r1;
+ *cbGroup = (521 + 7) / 8;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
- EC_GROUP * ecgroup = EC_GROUP_new_by_curve_name(nidGroup);
+ EC_GROUP *ecgroup = EC_GROUP_new_by_curve_name(nidGroup);
CHECK_CONDITION(ecgroup != NULL, COSE_ERR_INVALID_PARAMETER);
- CHECK_CONDITION(EC_KEY_set_group(pNewKey, ecgroup) == 1, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EC_KEY_set_group(pNewKey, ecgroup) == 1, COSE_ERR_CRYPTO_FAIL);
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_X);
- CHECK_CONDITION((p != NULL) && (p->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
+ CHECK_CONDITION(
+ (p != NULL) && (p->type == CN_CBOR_BYTES), COSE_ERR_INVALID_PARAMETER);
CHECK_CONDITION(p->length == *cbGroup, COSE_ERR_INVALID_PARAMETER);
- memcpy(rgbKey+1, p->v.str, p->length);
-
+ memcpy(rgbKey + 1, p->v.str, p->length);
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_Y);
CHECK_CONDITION((p != NULL), COSE_ERR_INVALID_PARAMETER);
@@ -865,113 +1087,144 @@
cbKey = (*cbGroup * 2) + 1;
CHECK_CONDITION(p->length == *cbGroup, COSE_ERR_INVALID_PARAMETER);
memcpy(rgbKey + p->length + 1, p->v.str, p->length);
- }
- else if (p->type == CN_CBOR_TRUE) {
+ } else if (p->type == CN_CBOR_TRUE) {
cbKey = (*cbGroup) + 1;
rgbKey[0] = POINT_CONVERSION_COMPRESSED + 1;
- }
- else if (p->type == CN_CBOR_FALSE) {
+ } else if (p->type == CN_CBOR_FALSE) {
cbKey = (*cbGroup) + 1;
rgbKey[0] = POINT_CONVERSION_COMPRESSED;
- }
- else FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ } else
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
pPoint = EC_POINT_new(ecgroup);
CHECK_CONDITION(pPoint != NULL, COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EC_POINT_oct2point(ecgroup, pPoint, rgbKey, cbKey, NULL) == 1, COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EC_KEY_set_public_key(pNewKey, pPoint) == 1, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EC_POINT_oct2point(ecgroup, pPoint, rgbKey, cbKey, NULL) == 1,
+ COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EC_KEY_set_public_key(pNewKey, pPoint) == 1, COSE_ERR_CRYPTO_FAIL);
p = cn_cbor_mapget_int(pKey, COSE_Key_EC_d);
if (p != NULL) {
- BIGNUM * pbn;
+ BIGNUM *pbn;
- pbn = BN_bin2bn(p->v.bytes, (int) p->length, NULL);
+ pbn = BN_bin2bn(p->v.bytes, (int)p->length, NULL);
CHECK_CONDITION(pbn != NULL, COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EC_KEY_set_private_key(pNewKey, pbn) == 1, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EC_KEY_set_private_key(pNewKey, pbn) == 1, COSE_ERR_CRYPTO_FAIL);
}
-
+
return pNewKey;
errorReturn:
- if (pNewKey != NULL) EC_KEY_free(pNewKey);
+ if (pNewKey != NULL)
+ EC_KEY_free(pNewKey);
return NULL;
}
-cn_cbor * EC_FromKey(const EC_KEY * pKey, CBOR_CONTEXT_COMMA cose_errback * perr)
+cn_cbor *EC_FromKey(const EC_KEY *pKey, CBOR_CONTEXT_COMMA cose_errback *perr)
{
- cn_cbor * pkey = NULL;
- const EC_GROUP * pgroup;
+ cn_cbor *pkey = NULL;
+ const EC_GROUP *pgroup;
int cose_group;
- cn_cbor * p = NULL;
+ cn_cbor *p = NULL;
cn_cbor_errback cbor_error;
- const EC_POINT * pPoint;
+ const EC_POINT *pPoint;
size_t cbSize;
- byte * pbOut = NULL;
+ byte *pbOut = NULL;
pgroup = EC_KEY_get0_group(pKey);
CHECK_CONDITION(pgroup != NULL, COSE_ERR_INVALID_PARAMETER);
switch (EC_GROUP_get_curve_name(pgroup)) {
- case NID_X9_62_prime256v1: cose_group = 1; break;
- case NID_secp384r1: cose_group = 2; break;
- case NID_secp521r1: cose_group = 3; break;
+ case NID_X9_62_prime256v1:
+ cose_group = 1;
+ break;
+ case NID_secp384r1:
+ cose_group = 2;
+ break;
+ case NID_secp521r1:
+ cose_group = 3;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
- pkey = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ pkey = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(pkey != NULL, cbor_error);
- p = cn_cbor_int_create(cose_group, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ p = cn_cbor_int_create(cose_group, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Curve, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Curve, p,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
p = NULL;
pPoint = EC_KEY_get0_public_key(pKey);
CHECK_CONDITION(pPoint != NULL, COSE_ERR_INVALID_PARAMETER);
if (FUseCompressed) {
- cbSize = EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL);
+ cbSize = EC_POINT_point2oct(
+ pgroup, pPoint, POINT_CONVERSION_COMPRESSED, NULL, 0, NULL);
CHECK_CONDITION(cbSize > 0, COSE_ERR_CRYPTO_FAIL);
pbOut = COSE_CALLOC(cbSize, 1, context);
CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_COMPRESSED, pbOut, cbSize, NULL) == cbSize, COSE_ERR_CRYPTO_FAIL);
- }
- else {
- cbSize = EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
+ CHECK_CONDITION(
+ EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_COMPRESSED,
+ pbOut, cbSize, NULL) == cbSize,
+ COSE_ERR_CRYPTO_FAIL);
+ } else {
+ cbSize = EC_POINT_point2oct(
+ pgroup, pPoint, POINT_CONVERSION_UNCOMPRESSED, NULL, 0, NULL);
CHECK_CONDITION(cbSize > 0, COSE_ERR_CRYPTO_FAIL);
pbOut = COSE_CALLOC(cbSize, 1, context);
CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_UNCOMPRESSED, pbOut, cbSize, NULL) == cbSize, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EC_POINT_point2oct(pgroup, pPoint, POINT_CONVERSION_UNCOMPRESSED,
+ pbOut, cbSize, NULL) == cbSize,
+ COSE_ERR_CRYPTO_FAIL);
}
- p = cn_cbor_data_create(pbOut+1, (int) (cbSize / 2), CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ p = cn_cbor_data_create(
+ pbOut + 1, (int)(cbSize / 2), CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_X, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_X, p,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
p = NULL;
if (FUseCompressed) {
- p = cn_cbor_bool_create(pbOut[0] & 1, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ p = cn_cbor_bool_create(
+ pbOut[0] & 1, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
p = NULL;
- }
- else {
- p = cn_cbor_data_create(pbOut + cbSize / 2 + 1, (int)(cbSize / 2), CBOR_CONTEXT_PARAM_COMMA &cbor_error);
- pbOut = NULL; // It is already part of the other one.
+ } else {
+ p = cn_cbor_data_create(pbOut + cbSize / 2 + 1, (int)(cbSize / 2),
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ pbOut = NULL; // It is already part of the other one.
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_EC_Y, p,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
p = NULL;
}
- p = cn_cbor_int_create(COSE_Key_Type_EC2, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ p = cn_cbor_int_create(
+ COSE_Key_Type_EC2, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_Type, p, CBOR_CONTEXT_PARAM_COMMA &cbor_error), cbor_error);
+ CHECK_CONDITION_CBOR(cn_cbor_mapput_int(pkey, COSE_Key_Type, p,
+ CBOR_CONTEXT_PARAM_COMMA & cbor_error),
+ cbor_error);
p = NULL;
returnHere:
- if (pbOut != NULL) COSE_FREE(pbOut, context);
- if (p != NULL) CN_CBOR_FREE(p, context);
+ if (pbOut != NULL)
+ COSE_FREE(pbOut, context);
+ if (p != NULL)
+ CN_CBOR_FREE(p, context);
return pkey;
errorReturn:
@@ -995,38 +1248,53 @@
}
*/
-bool ECDSA_Sign(COSE * pSigner, int index, const cn_cbor * pKey, int cbitDigest, const byte * rgbToSign, size_t cbToSign, cose_errback * perr)
+bool ECDSA_Sign(COSE *pSigner,
+ int index,
+ const cn_cbor *pKey,
+ int cbitDigest,
+ const byte *rgbToSign,
+ size_t cbToSign,
+ cose_errback *perr)
{
- EC_KEY * eckey = NULL;
+ EC_KEY *eckey = NULL;
byte rgbDigest[EVP_MAX_MD_SIZE];
unsigned int cbDigest = sizeof(rgbDigest);
- byte * pbSig = NULL;
- const EVP_MD * digest;
+ byte *pbSig = NULL;
+ const EVP_MD *digest;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pSigner->m_allocContext;
+ cn_cbor_context *context = &pSigner->m_allocContext;
#endif
- cn_cbor * p = NULL;
- ECDSA_SIG * psig = NULL;
+ cn_cbor *p = NULL;
+ ECDSA_SIG *psig = NULL;
cn_cbor_errback cbor_error;
int cbR;
byte rgbSig[66];
int cb;
-
+
eckey = ECKey_From(pKey, &cbR, perr);
if (eckey == NULL) {
errorReturn:
- if (pbSig != NULL) COSE_FREE(pbSig, context);
- if (p != NULL) CN_CBOR_FREE(p, context);
- if (eckey != NULL) EC_KEY_free(eckey);
+ if (pbSig != NULL)
+ COSE_FREE(pbSig, context);
+ if (p != NULL)
+ CN_CBOR_FREE(p, context);
+ if (eckey != NULL)
+ EC_KEY_free(eckey);
return false;
}
switch (cbitDigest) {
- case 256: digest = EVP_sha256(); break;
- case 512: digest = EVP_sha512(); break;
- case 384: digest = EVP_sha384(); break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ case 256:
+ digest = EVP_sha256();
+ break;
+ case 512:
+ digest = EVP_sha512();
+ break;
+ case 384:
+ digest = EVP_sha384();
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
EVP_Digest(rgbToSign, cbToSign, rgbDigest, &cbDigest, digest, NULL);
@@ -1046,33 +1314,43 @@
cb = BN_bn2bin(s, rgbSig);
CHECK_CONDITION(cb <= cbR, COSE_ERR_INVALID_PARAMETER);
- memcpy(pbSig + 2*cbR - cb, rgbSig, cb);
+ memcpy(pbSig + 2 * cbR - cb, rgbSig, cb);
- p = cn_cbor_data_create(pbSig, cbR*2, CBOR_CONTEXT_PARAM_COMMA &cbor_error);
+ p = cn_cbor_data_create(
+ pbSig, cbR * 2, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION_CBOR(p != NULL, cbor_error);
- CHECK_CONDITION(_COSE_array_replace(pSigner, p, index, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
-
+ CHECK_CONDITION(
+ _COSE_array_replace(pSigner, p, index, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
+
pbSig = NULL;
- if (eckey != NULL) EC_KEY_free(eckey);
+ if (eckey != NULL)
+ EC_KEY_free(eckey);
return true;
}
-bool ECDSA_Verify(COSE * pSigner, int index, const cn_cbor * pKey, int cbitDigest, const byte * rgbToSign, size_t cbToSign, cose_errback * perr)
+bool ECDSA_Verify(COSE *pSigner,
+ int index,
+ const cn_cbor *pKey,
+ int cbitDigest,
+ const byte *rgbToSign,
+ size_t cbToSign,
+ cose_errback *perr)
{
- EC_KEY * eckey = NULL;
+ EC_KEY *eckey = NULL;
byte rgbDigest[EVP_MAX_MD_SIZE];
unsigned int cbDigest = sizeof(rgbDigest);
- const EVP_MD * digest;
+ const EVP_MD *digest;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pSigner->m_allocContext;
+ cn_cbor_context *context = &pSigner->m_allocContext;
#endif
- cn_cbor * p = NULL;
+ cn_cbor *p = NULL;
ECDSA_SIG *sig = NULL;
int cbR;
- cn_cbor * pSig;
+ cn_cbor *pSig;
size_t cbSignature;
BIGNUM *r, *s;
@@ -1080,18 +1358,27 @@
eckey = ECKey_From(pKey, &cbR, perr);
if (eckey == NULL) {
errorReturn:
- if (p != NULL) CN_CBOR_FREE(p, context);
- if (eckey != NULL) EC_KEY_free(eckey);
- if (sig != NULL) ECDSA_SIG_free(sig);
+ if (p != NULL)
+ CN_CBOR_FREE(p, context);
+ if (eckey != NULL)
+ EC_KEY_free(eckey);
+ if (sig != NULL)
+ ECDSA_SIG_free(sig);
return false;
}
switch (cbitDigest) {
- case 256: digest = EVP_sha256(); break;
- case 512: digest = EVP_sha512(); break;
- case 384: digest = EVP_sha384(); break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ case 256:
+ digest = EVP_sha256();
+ break;
+ case 512:
+ digest = EVP_sha512();
+ break;
+ case 384:
+ digest = EVP_sha384();
+ break;
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
EVP_Digest(rgbToSign, cbToSign, rgbDigest, &cbDigest, digest, NULL);
@@ -1100,9 +1387,9 @@
cbSignature = pSig->length;
CHECK_CONDITION(cbSignature / 2 == (size_t)cbR, COSE_ERR_INVALID_PARAMETER);
- r = BN_bin2bn(pSig->v.bytes,(int) cbSignature/2, NULL);
+ r = BN_bin2bn(pSig->v.bytes, (int)cbSignature / 2, NULL);
CHECK_CONDITION(NULL != r, COSE_ERR_OUT_OF_MEMORY);
- s = BN_bin2bn(pSig->v.bytes+cbSignature/2, (int) cbSignature/2, NULL);
+ s = BN_bin2bn(pSig->v.bytes + cbSignature / 2, (int)cbSignature / 2, NULL);
CHECK_CONDITION(NULL != s, COSE_ERR_OUT_OF_MEMORY);
sig = ECDSA_SIG_new();
@@ -1110,54 +1397,65 @@
ECDSA_SIG_set0(sig, r, s);
- CHECK_CONDITION(ECDSA_do_verify(rgbDigest, cbDigest, sig, eckey) == 1, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(ECDSA_do_verify(rgbDigest, cbDigest, sig, eckey) == 1,
+ COSE_ERR_CRYPTO_FAIL);
- if (eckey != NULL) EC_KEY_free(eckey);
- if (sig != NULL) ECDSA_SIG_free(sig);
+ if (eckey != NULL)
+ EC_KEY_free(eckey);
+ if (sig != NULL)
+ ECDSA_SIG_free(sig);
return true;
}
-
#ifdef USE_EDDSA
-bool EdDSA_Sign(COSE* pSigner, int index, const cn_cbor* pKeyIn, const byte* rgbToSign, size_t cbToSign, cose_errback* perr)
+bool EdDSA_Sign(COSE *pSigner,
+ int index,
+ const cn_cbor *pKeyIn,
+ const byte *rgbToSign,
+ size_t cbToSign,
+ cose_errback *perr)
{
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context* context = &pSigner->m_allocContext;
+ cn_cbor_context *context = &pSigner->m_allocContext;
#endif
- cn_cbor* p;
+ cn_cbor *p;
cn_cbor_errback cbor_error;
- EVP_PKEY_CTX* keyCtx = NULL;
- EVP_MD_CTX* mdCtx = NULL;
- EVP_PKEY* pkey = NULL;
- byte* pbSig = NULL;
+ EVP_PKEY_CTX *keyCtx = NULL;
+ EVP_MD_CTX *mdCtx = NULL;
+ EVP_PKEY *pkey = NULL;
+ byte *pbSig = NULL;
int cbSig;
p = cn_cbor_mapget_int(pKeyIn, COSE_Key_OPK_Curve);
if (p == NULL) {
errorReturn:
- if (mdCtx != NULL) EVP_MD_CTX_free(mdCtx);
- if (keyCtx != NULL) EVP_PKEY_CTX_free(keyCtx);
- if (pkey != NULL) EVP_PKEY_free(pkey);
- if (pbSig != NULL) COSE_FREE(pbSig, context);
+ if (mdCtx != NULL)
+ EVP_MD_CTX_free(mdCtx);
+ if (keyCtx != NULL)
+ EVP_PKEY_CTX_free(keyCtx);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
+ if (pbSig != NULL)
+ COSE_FREE(pbSig, context);
return false;
}
int type;
switch (p->v.uint) {
- case COSE_Curve_Ed25519:
- type = EVP_PKEY_ED25519;
- cbSig = 32 * 2;
- break;
+ case COSE_Curve_Ed25519:
+ type = EVP_PKEY_ED25519;
+ cbSig = 32 * 2;
+ break;
- case COSE_Curve_Ed448:
- type = EVP_PKEY_ED448;
- cbSig = 64 * 2;
- break;
+ case COSE_Curve_Ed448:
+ type = EVP_PKEY_ED448;
+ cbSig = 64 * 2;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
p = cn_cbor_mapget_int(pKeyIn, COSE_Key_EC_d);
@@ -1172,54 +1470,70 @@
mdCtx = EVP_MD_CTX_new();
CHECK_CONDITION(mdCtx != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(EVP_DigestSignInit(mdCtx, &keyCtx, NULL, NULL, pkey) == 1, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_DigestSignInit(mdCtx, &keyCtx, NULL, NULL, pkey) == 1,
+ COSE_ERR_CRYPTO_FAIL);
keyCtx = NULL;
pbSig = COSE_CALLOC(cbSig, 1, context);
CHECK_CONDITION(pbSig != NULL, COSE_ERR_OUT_OF_MEMORY);
size_t cb2 = cbSig;
- CHECK_CONDITION(EVP_DigestSign(mdCtx, pbSig, &cb2, rgbToSign, cbToSign) == 1, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_DigestSign(mdCtx, pbSig, &cb2, rgbToSign, cbToSign) == 1,
+ COSE_ERR_CRYPTO_FAIL);
- p = cn_cbor_data_create(pbSig, (int)cb2, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
+ p = cn_cbor_data_create(
+ pbSig, (int)cb2, CBOR_CONTEXT_PARAM_COMMA & cbor_error);
CHECK_CONDITION(p != NULL, COSE_ERR_OUT_OF_MEMORY);
pbSig = NULL;
- CHECK_CONDITION(_COSE_array_replace(pSigner, p, index, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(
+ _COSE_array_replace(pSigner, p, index, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
- if (mdCtx != NULL) EVP_MD_CTX_free(mdCtx);
- if (keyCtx != NULL) EVP_PKEY_CTX_free(keyCtx);
- if (pkey != NULL) EVP_PKEY_free(pkey);
- if (pbSig != NULL) COSE_FREE(pbSig, context);
+ if (mdCtx != NULL)
+ EVP_MD_CTX_free(mdCtx);
+ if (keyCtx != NULL)
+ EVP_PKEY_CTX_free(keyCtx);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
+ if (pbSig != NULL)
+ COSE_FREE(pbSig, context);
return true;
}
-bool EdDSA_Verify(COSE* pSigner, int index, const cn_cbor* pKey, const byte* rgbToSign, size_t cbToSign, cose_errback* perr)
+bool EdDSA_Verify(COSE *pSigner,
+ int index,
+ const cn_cbor *pKey,
+ const byte *rgbToSign,
+ size_t cbToSign,
+ cose_errback *perr)
{
- cn_cbor* pSig;
- EVP_PKEY* pkey = NULL;
+ cn_cbor *pSig;
+ EVP_PKEY *pkey = NULL;
cn_cbor *p = cn_cbor_mapget_int(pKey, COSE_Key_OPK_Curve);
if (p == NULL) {
errorReturn:
- if (pkey != NULL) EVP_PKEY_free(pkey);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
return false;
}
int type;
switch (p->v.uint) {
- case COSE_Curve_Ed25519:
- type = EVP_PKEY_ED25519;
- break;
+ case COSE_Curve_Ed25519:
+ type = EVP_PKEY_ED25519;
+ break;
- case COSE_Curve_Ed448:
- type = EVP_PKEY_ED448;
- break;
+ case COSE_Curve_Ed448:
+ type = EVP_PKEY_ED448;
+ break;
- default:
- FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
+ default:
+ FAIL_CONDITION(COSE_ERR_INVALID_PARAMETER);
}
p = cn_cbor_mapget_int(pKey, COSE_Key_OPK_X);
@@ -1231,120 +1545,159 @@
pSig = _COSE_arrayget_int(pSigner, index);
CHECK_CONDITION(pSig != NULL, COSE_ERR_INVALID_PARAMETER);
- EVP_MD_CTX* pmdCtx = EVP_MD_CTX_new();
- EVP_PKEY_CTX* keyCtx = EVP_PKEY_CTX_new_id(type, NULL);
+ EVP_MD_CTX *pmdCtx = EVP_MD_CTX_new();
+ EVP_PKEY_CTX *keyCtx = EVP_PKEY_CTX_new_id(type, NULL);
- CHECK_CONDITION(EVP_DigestVerifyInit(pmdCtx, &keyCtx, NULL, NULL, pkey) == 1, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ EVP_DigestVerifyInit(pmdCtx, &keyCtx, NULL, NULL, pkey) == 1,
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(EVP_DigestVerify(pmdCtx, pSig->v.bytes, pSig->length, rgbToSign, cbToSign) == 1, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(EVP_DigestVerify(pmdCtx, pSig->v.bytes, pSig->length,
+ rgbToSign, cbToSign) == 1,
+ COSE_ERR_CRYPTO_FAIL);
- if (pmdCtx != NULL) EVP_MD_CTX_free(pmdCtx);
- if (pkey != NULL) EVP_PKEY_free(pkey);
+ if (pmdCtx != NULL)
+ EVP_MD_CTX_free(pmdCtx);
+ if (pkey != NULL)
+ EVP_PKEY_free(pkey);
return true;
}
#endif
-bool AES_KW_Decrypt(COSE_Enveloped * pcose, const byte * pbKeyIn, size_t cbitKey, const byte * pbCipherText, size_t cbCipherText, byte * pbKeyOut, int * pcbKeyOut, cose_errback * perr)
+bool AES_KW_Decrypt(COSE_Enveloped *pcose,
+ const byte *pbKeyIn,
+ size_t cbitKey,
+ const byte *pbCipherText,
+ size_t cbCipherText,
+ byte *pbKeyOut,
+ int *pcbKeyOut,
+ cose_errback *perr)
{
byte rgbOut[512 / 8];
AES_KEY key;
UNUSED(pcose);
- CHECK_CONDITION(AES_set_decrypt_key(pbKeyIn, (int)cbitKey, &key) == 0, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(AES_set_decrypt_key(pbKeyIn, (int)cbitKey, &key) == 0,
+ COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(AES_unwrap_key(&key, NULL, rgbOut, pbCipherText, (int) cbCipherText), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ AES_unwrap_key(&key, NULL, rgbOut, pbCipherText, (int)cbCipherText),
+ COSE_ERR_CRYPTO_FAIL);
memcpy(pbKeyOut, rgbOut, cbCipherText - 8);
- *pcbKeyOut = (int) (cbCipherText - 8);
+ *pcbKeyOut = (int)(cbCipherText - 8);
return true;
errorReturn:
return false;
}
-bool AES_KW_Encrypt(COSE_RecipientInfo * pcose, const byte * pbKeyIn, int cbitKey, const byte * pbContent, int cbContent, cose_errback * perr)
+bool AES_KW_Encrypt(COSE_RecipientInfo *pcose,
+ const byte *pbKeyIn,
+ int cbitKey,
+ const byte *pbContent,
+ int cbContent,
+ cose_errback *perr)
{
- byte *pbOut = NULL;
+ byte *pbOut = NULL;
AES_KEY key;
#ifdef USE_CBOR_CONTEXT
- cn_cbor_context * context = &pcose->m_encrypt.m_message.m_allocContext;
+ cn_cbor_context *context = &pcose->m_encrypt.m_message.m_allocContext;
#endif
- cn_cbor * cnTmp = NULL;
+ cn_cbor *cnTmp = NULL;
pbOut = COSE_CALLOC(cbContent + 8, 1, context);
CHECK_CONDITION(pbOut != NULL, COSE_ERR_OUT_OF_MEMORY);
- CHECK_CONDITION(AES_set_encrypt_key(pbKeyIn, cbitKey, &key) == 0, COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(
+ AES_set_encrypt_key(pbKeyIn, cbitKey, &key) == 0, COSE_ERR_CRYPTO_FAIL);
- CHECK_CONDITION(AES_wrap_key(&key, NULL, pbOut, pbContent, cbContent), COSE_ERR_CRYPTO_FAIL);
+ CHECK_CONDITION(AES_wrap_key(&key, NULL, pbOut, pbContent, cbContent),
+ COSE_ERR_CRYPTO_FAIL);
- cnTmp = cn_cbor_data_create(pbOut, (int)cbContent + 8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cnTmp = cn_cbor_data_create(
+ pbOut, (int)cbContent + 8, CBOR_CONTEXT_PARAM_COMMA NULL);
CHECK_CONDITION(cnTmp != NULL, COSE_ERR_CBOR);
pbOut = NULL;
- CHECK_CONDITION(_COSE_array_replace(&pcose->m_encrypt.m_message, cnTmp, INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_ERR_CBOR);
+ CHECK_CONDITION(_COSE_array_replace(&pcose->m_encrypt.m_message, cnTmp,
+ INDEX_BODY, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_ERR_CBOR);
cnTmp = NULL;
return true;
errorReturn:
COSE_FREE(cnTmp, context);
- if (pbOut != NULL) COSE_FREE(pbOut, context);
+ if (pbOut != NULL)
+ COSE_FREE(pbOut, context);
return false;
}
-
-void rand_bytes(byte * pb, size_t cb)
+void rand_bytes(byte *pb, size_t cb)
{
- RAND_bytes(pb, (int) cb);
+ RAND_bytes(pb, (int)cb);
}
/*!
-*
-* @param[in] pRecipent Pointer to the message object
-* @param[in] ppKeyPrivate Address of key with private portion
-* @param[in] pKeyPublic Address of the key w/o a private portion
-* @param[in/out] ppbSecret pointer to buffer to hold the computed secret
-* @param[in/out] pcbSecret size of the computed secret
-* @param[in] context cbor allocation context structure
-* @param[out] perr location to return error information
-* @returns success of the function
-*/
+ *
+ * @param[in] pRecipent Pointer to the message object
+ * @param[in] ppKeyPrivate Address of key with private portion
+ * @param[in] pKeyPublic Address of the key w/o a private portion
+ * @param[in/out] ppbSecret pointer to buffer to hold the computed secret
+ * @param[in/out] pcbSecret size of the computed secret
+ * @param[in] context cbor allocation context structure
+ * @param[out] perr location to return error information
+ * @returns success of the function
+ */
-bool ECDH_ComputeSecret(COSE * pRecipient, cn_cbor ** ppKeyPrivate, const cn_cbor * pKeyPublic, byte ** ppbSecret, size_t * pcbSecret, CBOR_CONTEXT_COMMA cose_errback *perr)
+bool ECDH_ComputeSecret(COSE *pRecipient,
+ cn_cbor **ppKeyPrivate,
+ const cn_cbor *pKeyPublic,
+ byte **ppbSecret,
+ size_t *pcbSecret,
+ CBOR_CONTEXT_COMMA cose_errback *perr)
{
- EC_KEY * peckeyPrivate = NULL;
- EC_KEY * peckeyPublic = NULL;
+ EC_KEY *peckeyPrivate = NULL;
+ EC_KEY *peckeyPublic = NULL;
int cbGroup;
int cbsecret;
- byte * pbsecret = NULL;
+ byte *pbsecret = NULL;
bool fRet = false;
peckeyPublic = ECKey_From(pKeyPublic, &cbGroup, perr);
- if (peckeyPublic == NULL) goto errorReturn;
+ if (peckeyPublic == NULL)
+ goto errorReturn;
if (*ppKeyPrivate == NULL) {
{
- cn_cbor * pCompress = _COSE_map_get_int(pRecipient, COSE_Header_UseCompressedECDH, COSE_BOTH, perr);
- if (pCompress == NULL) FUseCompressed = false;
- else FUseCompressed = (pCompress->type == CN_CBOR_TRUE);
+ cn_cbor *pCompress = _COSE_map_get_int(
+ pRecipient, COSE_Header_UseCompressedECDH, COSE_BOTH, perr);
+ if (pCompress == NULL)
+ FUseCompressed = false;
+ else
+ FUseCompressed = (pCompress->type == CN_CBOR_TRUE);
}
peckeyPrivate = EC_KEY_new();
EC_KEY_set_group(peckeyPrivate, EC_KEY_get0_group(peckeyPublic));
- CHECK_CONDITION(EC_KEY_generate_key(peckeyPrivate) == 1, COSE_ERR_CRYPTO_FAIL);
- *ppKeyPrivate = EC_FromKey(peckeyPrivate, CBOR_CONTEXT_PARAM_COMMA perr);
- if (*ppKeyPrivate == NULL) goto errorReturn;
- }
- else {
+ CHECK_CONDITION(
+ EC_KEY_generate_key(peckeyPrivate) == 1, COSE_ERR_CRYPTO_FAIL);
+ *ppKeyPrivate =
+ EC_FromKey(peckeyPrivate, CBOR_CONTEXT_PARAM_COMMA perr);
+ if (*ppKeyPrivate == NULL)
+ goto errorReturn;
+ } else {
peckeyPrivate = ECKey_From(*ppKeyPrivate, &cbGroup, perr);
- if (peckeyPrivate == NULL) goto errorReturn;
+ if (peckeyPrivate == NULL)
+ goto errorReturn;
}
pbsecret = COSE_CALLOC(cbGroup, 1, context);
CHECK_CONDITION(pbsecret != NULL, COSE_ERR_OUT_OF_MEMORY);
- cbsecret = ECDH_compute_key(pbsecret, cbGroup, EC_KEY_get0_public_key(peckeyPublic), peckeyPrivate, NULL);
+ cbsecret = ECDH_compute_key(pbsecret, cbGroup,
+ EC_KEY_get0_public_key(peckeyPublic), peckeyPrivate, NULL);
CHECK_CONDITION(cbsecret > 0, COSE_ERR_CRYPTO_FAIL);
*ppbSecret = pbsecret;
@@ -1354,11 +1707,14 @@
fRet = true;
errorReturn:
- if (pbsecret != NULL) COSE_FREE(pbsecret, context);
- if (peckeyPublic != NULL) EC_KEY_free(peckeyPublic);
- if (peckeyPrivate != NULL) EC_KEY_free(peckeyPrivate);
+ if (pbsecret != NULL)
+ COSE_FREE(pbsecret, context);
+ if (peckeyPublic != NULL)
+ EC_KEY_free(peckeyPublic);
+ if (peckeyPrivate != NULL)
+ EC_KEY_free(peckeyPrivate);
return fRet;
}
-#endif // USE_OPEN_SSL
+#endif // USE_OPEN_SSL
diff --git a/test/context.c b/test/context.c
index 179c4c5..7a89f6f 100644
--- a/test/context.c
+++ b/test/context.c
@@ -14,41 +14,40 @@
typedef struct {
cn_cbor_context context;
- byte * pFirst;
+ byte *pFirst;
unsigned int iFailLeft;
} MyContext;
typedef struct _MyItem {
- struct _MyItem * pNext;
- size_t size;
- byte pad[4];
- byte data[4];
+ struct _MyItem *pNext;
+ size_t size;
+ byte pad[4];
+ byte data[4];
} MyItem;
-
-bool CheckMemory(MyContext * pContext)
+bool CheckMemory(MyContext *pContext)
{
- MyItem * p = NULL;
+ MyItem *p = NULL;
// Walk memory and check every block
- for (p = (MyItem *) pContext->pFirst; p != NULL; p = p->pNext) {
- if (p->pad[0] == (byte) 0xab) {
+ for (p = (MyItem *)pContext->pFirst; p != NULL; p = p->pNext) {
+ if (p->pad[0] == (byte)0xab) {
// Block has been freed
for (unsigned i = 0; i < p->size + 8; i++) {
- if (p->pad[i] != (byte) 0xab) {
+ if (p->pad[i] != (byte)0xab) {
fprintf(stderr, "Freed block is modified");
assert(false);
}
}
- } else if (p->pad[0] == (byte) 0xef) {
+ } else if (p->pad[0] == (byte)0xef) {
for (unsigned i = 0; i < 4; i++) {
- if ((p->pad[i] != (byte) 0xef) || (p->pad[i + 4 + p->size] != (byte) 0xef)) {
+ if ((p->pad[i] != (byte)0xef) ||
+ (p->pad[i + 4 + p->size] != (byte)0xef)) {
fprintf(stderr, "Curent block was overrun");
assert(false);
}
}
- }
- else {
+ } else {
fprintf(stderr, "Incorrect pad value");
assert(false);
}
@@ -57,43 +56,44 @@
return true;
}
-void * MyCalloc(size_t count, size_t size, void * context)
+void *MyCalloc(size_t count, size_t size, void *context)
{
- MyItem * pb = NULL;
- MyContext * myContext = (MyContext *)context;
+ MyItem *pb = NULL;
+ MyContext *myContext = (MyContext *)context;
CheckMemory(myContext);
- if (myContext->iFailLeft == 0) return NULL;
+ if (myContext->iFailLeft == 0)
+ return NULL;
myContext->iFailLeft--;
- pb = (MyItem *)malloc(sizeof(MyItem) + count*size);
+ pb = (MyItem *)malloc(sizeof(MyItem) + count * size);
- memset(pb, 0xef, sizeof(MyItem) + count*size);
- memset(&pb->data, 0, count*size);
+ memset(pb, 0xef, sizeof(MyItem) + count * size);
+ memset(&pb->data, 0, count * size);
- pb->pNext = (struct _MyItem *) myContext->pFirst;
+ pb->pNext = (struct _MyItem *)myContext->pFirst;
myContext->pFirst = (byte *)pb;
- pb->size = count*size;
+ pb->size = count * size;
return &pb->data;
}
-void MyFree(void * ptr, void * context)
+void MyFree(void *ptr, void *context)
{
- MyItem * pb = (MyItem *) ((byte *) ptr - sizeof(MyItem) + 4);
- MyContext * myContext = (MyContext *)context;
+ MyItem *pb = (MyItem *)((byte *)ptr - sizeof(MyItem) + 4);
+ MyContext *myContext = (MyContext *)context;
CheckMemory(myContext);
- if (ptr == NULL) return;
+ if (ptr == NULL)
+ return;
memset(&pb->pad, 0xab, pb->size + 8);
}
-
-cn_cbor_context * CreateContext(unsigned int iFailPoint)
+cn_cbor_context *CreateContext(unsigned int iFailPoint)
{
- MyContext * p = malloc(sizeof(MyContext));
+ MyContext *p = malloc(sizeof(MyContext));
p->context.calloc_func = MyCalloc;
p->context.free_func = MyFree;
@@ -104,15 +104,15 @@
return &p->context;
}
-void FreeContext(cn_cbor_context* pContext)
+void FreeContext(cn_cbor_context *pContext)
{
- MyContext * myContext = (MyContext *)pContext;
- MyItem * pItem;
- MyItem * pItem2;
+ MyContext *myContext = (MyContext *)pContext;
+ MyItem *pItem;
+ MyItem *pItem2;
CheckMemory(myContext);
- for (pItem = (MyItem *) myContext->pFirst; pItem != NULL; pItem = pItem2) {
+ for (pItem = (MyItem *)myContext->pFirst; pItem != NULL; pItem = pItem2) {
pItem2 = pItem->pNext;
free(pItem);
}
@@ -122,4 +122,4 @@
return;
}
-#endif // USE_CBOR_CONTEXT
+#endif // USE_CBOR_CONTEXT
diff --git a/test/context.h b/test/context.h
index 2267f80..e258c4c 100644
--- a/test/context.h
+++ b/test/context.h
@@ -1,10 +1,8 @@
#pragma once
-
#ifdef USE_CBOR_CONTEXT
-extern cn_cbor_context * CreateContext();
-extern void FreeContext(cn_cbor_context * pContext);
+extern cn_cbor_context* CreateContext();
+extern void FreeContext(cn_cbor_context* pContext);
-#endif // USE_CBOR_CONTEXT
-
+#endif // USE_CBOR_CONTEXT
diff --git a/test/encrypt.c b/test/encrypt.c
index 5a569cc..98e4029 100644
--- a/test/encrypt.c
+++ b/test/encrypt.c
@@ -8,7 +8,8 @@
#include <cose/cose.h>
#include <cose/cose_configure.h>
#include <cn-cbor/cn-cbor.h>
-#if (INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0 || INCLUDE_MAC) && (!INCLUDE_MAC || !INCLUDE_SIGN)
+#if (INCLUDE_ENCRYPT || INCLUDE_ENCRYPT0 || INCLUDE_MAC) && \
+ (!INCLUDE_MAC || !INCLUDE_SIGN)
#include <cose_int.h>
#endif
#include "json.h"
@@ -16,11 +17,18 @@
#include "context.h"
#ifdef _MSC_VER
-#pragma warning (disable: 4127)
+#pragma warning(disable : 4127)
#endif
#if INCLUDE_ENCRYPT
-bool DecryptMessage(const byte * pbEncoded, size_t cbEncoded, bool fFailBody, const cn_cbor * pEnveloped, const cn_cbor * pRecipient1, int iRecipient1, const cn_cbor * pRecipient2, int iRecipient2)
+bool DecryptMessage(const byte *pbEncoded,
+ size_t cbEncoded,
+ bool fFailBody,
+ const cn_cbor *pEnveloped,
+ const cn_cbor *pRecipient1,
+ int iRecipient1,
+ const cn_cbor *pRecipient2,
+ int iRecipient2)
{
HCOSE_ENVELOPED hEnc = NULL;
HCOSE_RECIPIENT hRecip = NULL;
@@ -29,102 +37,131 @@
bool fRet = false;
int type;
cose_errback cose_err;
- cn_cbor * pkey;
+ cn_cbor *pkey;
bool fNoSupport = false;
- hEnc = (HCOSE_ENVELOPED)COSE_Decode(pbEncoded, cbEncoded, &type, COSE_enveloped_object, CBOR_CONTEXT_PARAM_COMMA &cose_err);
+ hEnc = (HCOSE_ENVELOPED)COSE_Decode(pbEncoded, cbEncoded, &type,
+ COSE_enveloped_object, CBOR_CONTEXT_PARAM_COMMA & cose_err);
if (hEnc == NULL) {
- if (fFailBody && (cose_err.err == COSE_ERR_INVALID_PARAMETER)) return true;
+ if (fFailBody && (cose_err.err == COSE_ERR_INVALID_PARAMETER))
+ return true;
goto errorReturn;
}
- if (!SetReceivingAttributes((HCOSE)hEnc, pEnveloped, Attributes_Enveloped_protected)) goto errorReturn;
+ if (!SetReceivingAttributes(
+ (HCOSE)hEnc, pEnveloped, Attributes_Enveloped_protected))
+ goto errorReturn;
- cn_cbor * alg = COSE_Enveloped_map_get_int(hEnc, COSE_Header_Algorithm, COSE_BOTH, NULL);
+ cn_cbor *alg = COSE_Enveloped_map_get_int(
+ hEnc, COSE_Header_Algorithm, COSE_BOTH, NULL);
if (!IsAlgorithmSupported(alg)) {
fNoSupport = true;
}
hRecip1 = COSE_Enveloped_GetRecipient(hEnc, iRecipient1, NULL);
- if (hRecip1 == NULL) goto errorReturn;
- if (!SetReceivingAttributes((HCOSE)hRecip1, pRecipient1, Attributes_Recipient_protected)) goto errorReturn;
+ if (hRecip1 == NULL)
+ goto errorReturn;
+ if (!SetReceivingAttributes(
+ (HCOSE)hRecip1, pRecipient1, Attributes_Recipient_protected))
+ goto errorReturn;
if (pRecipient2 != NULL) {
pkey = BuildKey(cn_cbor_mapget_string(pRecipient2, "key"), false);
- if (pkey == NULL) goto errorReturn;
+ if (pkey == NULL)
+ goto errorReturn;
hRecip2 = COSE_Recipient_GetRecipient(hRecip1, iRecipient2, NULL);
- if (hRecip2 == NULL) goto errorReturn;
+ if (hRecip2 == NULL)
+ goto errorReturn;
- if (!SetReceivingAttributes((HCOSE)hRecip2, pRecipient2, Attributes_Recipient_protected)) goto errorReturn;
- if (!COSE_Recipient_SetKey(hRecip2, pkey, NULL)) goto errorReturn;
+ if (!SetReceivingAttributes(
+ (HCOSE)hRecip2, pRecipient2, Attributes_Recipient_protected))
+ goto errorReturn;
+ if (!COSE_Recipient_SetKey(hRecip2, pkey, NULL))
+ goto errorReturn;
- cn_cbor * cnStatic = cn_cbor_mapget_string(pRecipient2, "sender_key");
+ cn_cbor *cnStatic = cn_cbor_mapget_string(pRecipient2, "sender_key");
if (cnStatic != NULL) {
- if (COSE_Recipient_map_get_int(hRecip2, COSE_Header_ECDH_SPK, COSE_BOTH, NULL) == 0) {
- COSE_Recipient_map_put_int(hRecip2, COSE_Header_ECDH_SPK, BuildKey(cnStatic, true), COSE_DONT_SEND, NULL);
+ if (COSE_Recipient_map_get_int(
+ hRecip2, COSE_Header_ECDH_SPK, COSE_BOTH, NULL) == 0) {
+ COSE_Recipient_map_put_int(hRecip2, COSE_Header_ECDH_SPK,
+ BuildKey(cnStatic, true), COSE_DONT_SEND, NULL);
}
}
hRecip = hRecip2;
- }
- else {
+ } else {
pkey = BuildKey(cn_cbor_mapget_string(pRecipient1, "key"), false);
- if (pkey == NULL) goto errorReturn;
- if (!COSE_Recipient_SetKey(hRecip1, pkey, NULL)) goto errorReturn;
+ if (pkey == NULL)
+ goto errorReturn;
+ if (!COSE_Recipient_SetKey(hRecip1, pkey, NULL))
+ goto errorReturn;
- cn_cbor * cnStatic = cn_cbor_mapget_string(pRecipient1, "sender_key");
+ cn_cbor *cnStatic = cn_cbor_mapget_string(pRecipient1, "sender_key");
if (cnStatic != NULL) {
- if (COSE_Recipient_map_get_int(hRecip1, COSE_Header_ECDH_SPK, COSE_BOTH, NULL) == 0) {
- COSE_Recipient_map_put_int(hRecip1, COSE_Header_ECDH_SPK, BuildKey(cnStatic, true), COSE_DONT_SEND, NULL);
+ if (COSE_Recipient_map_get_int(
+ hRecip1, COSE_Header_ECDH_SPK, COSE_BOTH, NULL) == 0) {
+ COSE_Recipient_map_put_int(hRecip1, COSE_Header_ECDH_SPK,
+ BuildKey(cnStatic, true), COSE_DONT_SEND, NULL);
}
}
hRecip = hRecip1;
}
-
if (!fFailBody) {
- cn_cbor * cn = cn_cbor_mapget_string(pRecipient1, "fail");
- if (cn != NULL && (cn->type == CN_CBOR_TRUE)) fFailBody = true;
+ cn_cbor *cn = cn_cbor_mapget_string(pRecipient1, "fail");
+ if (cn != NULL && (cn->type == CN_CBOR_TRUE))
+ fFailBody = true;
if (fFailBody && (pRecipient2 != NULL)) {
cn = cn_cbor_mapget_string(pRecipient2, "fail");
- if (cn != NULL && (cn->type == CN_CBOR_TRUE)) fFailBody = true;
+ if (cn != NULL && (cn->type == CN_CBOR_TRUE))
+ fFailBody = true;
}
if (hRecip2 != NULL) {
- alg = COSE_Recipient_map_get_int(hRecip2, COSE_Header_Algorithm, COSE_BOTH, NULL);
- if (!IsAlgorithmSupported(alg)) fNoSupport = true;
+ alg = COSE_Recipient_map_get_int(
+ hRecip2, COSE_Header_Algorithm, COSE_BOTH, NULL);
+ if (!IsAlgorithmSupported(alg))
+ fNoSupport = true;
}
- alg = COSE_Recipient_map_get_int(hRecip1, COSE_Header_Algorithm, COSE_BOTH, NULL);
- if (!IsAlgorithmSupported(alg)) fNoSupport = true;
+ alg = COSE_Recipient_map_get_int(
+ hRecip1, COSE_Header_Algorithm, COSE_BOTH, NULL);
+ if (!IsAlgorithmSupported(alg))
+ fNoSupport = true;
}
if (COSE_Enveloped_decrypt(hEnc, hRecip, NULL)) {
fRet = !fFailBody;
- }
- else {
- if (fNoSupport) fRet = false;
- else fRet = fFailBody;
+ } else {
+ if (fNoSupport)
+ fRet = false;
+ else
+ fRet = fFailBody;
}
- if (!fRet && !fNoSupport) CFails++;
+ if (!fRet && !fNoSupport)
+ CFails++;
errorReturn:
- if (hEnc != NULL) COSE_Enveloped_Free(hEnc);
- if (hRecip1 != NULL) COSE_Recipient_Free(hRecip1);
- if (hRecip2 != NULL) COSE_Recipient_Free(hRecip2);
-
+ if (hEnc != NULL)
+ COSE_Enveloped_Free(hEnc);
+ if (hRecip1 != NULL)
+ COSE_Recipient_Free(hRecip1);
+ if (hRecip2 != NULL)
+ COSE_Recipient_Free(hRecip2);
return fRet;
}
-int _ValidateEnveloped(const cn_cbor * pControl, const byte * pbEncoded, size_t cbEncoded)
+int _ValidateEnveloped(const cn_cbor *pControl,
+ const byte *pbEncoded,
+ size_t cbEncoded)
{
- const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
- const cn_cbor * pFail;
- const cn_cbor * pEnveloped;
- const cn_cbor * pRecipients;
+ const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
+ const cn_cbor *pFail;
+ const cn_cbor *pEnveloped;
+ const cn_cbor *pRecipients;
int iRecipient;
bool fFailBody = false;
int passCount = 0;
@@ -134,25 +171,31 @@
fFailBody = true;
}
- if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP)) goto errorReturn;
+ if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP))
+ goto errorReturn;
pEnveloped = cn_cbor_mapget_string(pInput, "enveloped");
- if ((pEnveloped == NULL) || (pEnveloped->type != CN_CBOR_MAP)) goto errorReturn;
+ if ((pEnveloped == NULL) || (pEnveloped->type != CN_CBOR_MAP))
+ goto errorReturn;
pRecipients = cn_cbor_mapget_string(pEnveloped, "recipients");
- if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY)) goto errorReturn;
+ if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY))
+ goto errorReturn;
- iRecipient = (int) pRecipients->length - 1;
+ iRecipient = (int)pRecipients->length - 1;
pRecipients = pRecipients->first_child;
for (; pRecipients != NULL; iRecipient--, pRecipients = pRecipients->next) {
- cn_cbor * pRecip2 = cn_cbor_mapget_string(pRecipients, "recipients");
+ cn_cbor *pRecip2 = cn_cbor_mapget_string(pRecipients, "recipients");
if (pRecip2 == NULL) {
- if (DecryptMessage(pbEncoded, cbEncoded, fFailBody, pEnveloped, pRecipients, iRecipient, NULL, 0)) passCount++;
- }
- else {
+ if (DecryptMessage(pbEncoded, cbEncoded, fFailBody, pEnveloped,
+ pRecipients, iRecipient, NULL, 0))
+ passCount++;
+ } else {
int iRecipient2 = (int)(pRecip2->length - 1);
pRecip2 = pRecip2->first_child;
for (; pRecip2 != NULL; pRecip2 = pRecip2->next, iRecipient2--) {
- if (DecryptMessage(pbEncoded, cbEncoded, fFailBody, pEnveloped, pRecipients, iRecipient, pRecip2, iRecipient2))passCount++;
+ if (DecryptMessage(pbEncoded, cbEncoded, fFailBody, pEnveloped,
+ pRecipients, iRecipient, pRecip2, iRecipient2))
+ passCount++;
}
}
}
@@ -163,45 +206,54 @@
return 0;
}
-int ValidateEnveloped(const cn_cbor * pControl)
+int ValidateEnveloped(const cn_cbor *pControl)
{
int cbEncoded;
- byte * pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
+ byte *pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
return _ValidateEnveloped(pControl, pbEncoded, cbEncoded);
}
-HCOSE_RECIPIENT BuildRecipient(const cn_cbor * pRecipient)
+HCOSE_RECIPIENT BuildRecipient(const cn_cbor *pRecipient)
{
- HCOSE_RECIPIENT hRecip = COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hRecip == NULL) goto returnError;
+ HCOSE_RECIPIENT hRecip =
+ COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hRecip == NULL)
+ goto returnError;
- if (!SetSendingAttributes((HCOSE)hRecip, pRecipient, Attributes_Recipient_protected)) goto returnError;
+ if (!SetSendingAttributes(
+ (HCOSE)hRecip, pRecipient, Attributes_Recipient_protected))
+ goto returnError;
- cn_cbor * cnKey = cn_cbor_mapget_string(pRecipient, "key");
+ cn_cbor *cnKey = cn_cbor_mapget_string(pRecipient, "key");
if (cnKey != NULL) {
- cn_cbor * pkey = BuildKey(cnKey, true);
- if (pkey == NULL) goto returnError;
+ cn_cbor *pkey = BuildKey(cnKey, true);
+ if (pkey == NULL)
+ goto returnError;
- if (!COSE_Recipient_SetKey(hRecip, pkey, NULL)) goto returnError;
+ if (!COSE_Recipient_SetKey(hRecip, pkey, NULL))
+ goto returnError;
}
cnKey = cn_cbor_mapget_string(pRecipient, "recipients");
if (cnKey != NULL) {
for (cnKey = cnKey->first_child; cnKey != NULL; cnKey = cnKey->next) {
HCOSE_RECIPIENT hRecip2 = BuildRecipient(cnKey);
- if (hRecip2 == NULL) goto returnError;
- if (!COSE_Recipient_AddRecipient(hRecip, hRecip2, NULL)) goto returnError;
+ if (hRecip2 == NULL)
+ goto returnError;
+ if (!COSE_Recipient_AddRecipient(hRecip, hRecip2, NULL))
+ goto returnError;
COSE_Recipient_Free(hRecip2);
}
}
-
- cn_cbor * pSenderKey = cn_cbor_mapget_string(pRecipient, "sender_key");
+ cn_cbor *pSenderKey = cn_cbor_mapget_string(pRecipient, "sender_key");
if (pSenderKey != NULL) {
- cn_cbor * pSendKey = BuildKey(pSenderKey, false);
- cn_cbor * pKid = cn_cbor_mapget_string(pSenderKey, "kid");
- if (!COSE_Recipient_SetSenderKey(hRecip, pSendKey, (pKid == NULL) ? 2 : 1, NULL)) goto returnError;
+ cn_cbor *pSendKey = BuildKey(pSenderKey, false);
+ cn_cbor *pKid = cn_cbor_mapget_string(pSenderKey, "kid");
+ if (!COSE_Recipient_SetSenderKey(
+ hRecip, pSendKey, (pKid == NULL) ? 2 : 1, NULL))
+ goto returnError;
}
return hRecip;
@@ -211,7 +263,7 @@
return NULL;
}
-int BuildEnvelopedMessage(const cn_cbor * pControl)
+int BuildEnvelopedMessage(const cn_cbor *pControl)
{
int iRecipient;
@@ -219,20 +271,28 @@
// We don't run this for all control sequences - skip those marked fail.
//
- const cn_cbor * pFail = cn_cbor_mapget_string(pControl, "fail");
- if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE)) return 0;
+ const cn_cbor *pFail = cn_cbor_mapget_string(pControl, "fail");
+ if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE))
+ return 0;
- HCOSE_ENVELOPED hEncObj = COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ HCOSE_ENVELOPED hEncObj =
+ COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- const cn_cbor * pInputs = cn_cbor_mapget_string(pControl, "input");
- if (pInputs == NULL) goto returnError;
- const cn_cbor * pEnveloped = cn_cbor_mapget_string(pInputs, "enveloped");
- if (pEnveloped == NULL) goto returnError;
+ const cn_cbor *pInputs = cn_cbor_mapget_string(pControl, "input");
+ if (pInputs == NULL)
+ goto returnError;
+ const cn_cbor *pEnveloped = cn_cbor_mapget_string(pInputs, "enveloped");
+ if (pEnveloped == NULL)
+ goto returnError;
- const cn_cbor * pContent = cn_cbor_mapget_string(pInputs, "plaintext");
- if (!COSE_Enveloped_SetContent(hEncObj, pContent->v.bytes, pContent->length, NULL)) goto returnError;
+ const cn_cbor *pContent = cn_cbor_mapget_string(pInputs, "plaintext");
+ if (!COSE_Enveloped_SetContent(
+ hEncObj, pContent->v.bytes, pContent->length, NULL))
+ goto returnError;
- if (!SetSendingAttributes((HCOSE)hEncObj, pEnveloped, Attributes_Enveloped_protected)) goto returnError;
+ if (!SetSendingAttributes(
+ (HCOSE)hEncObj, pEnveloped, Attributes_Enveloped_protected))
+ goto returnError;
#if 0
const cn_cbor * pCounterSign = cn_cbor_mapget_string(pEnveloped, "countersign");
@@ -243,26 +303,34 @@
}
#endif
- const cn_cbor * pAlg = COSE_Enveloped_map_get_int(hEncObj, 1, COSE_BOTH, NULL);
- if (pAlg == NULL) goto returnError;
+ const cn_cbor *pAlg =
+ COSE_Enveloped_map_get_int(hEncObj, 1, COSE_BOTH, NULL);
+ if (pAlg == NULL)
+ goto returnError;
- const cn_cbor * pRecipients = cn_cbor_mapget_string(pEnveloped, "recipients");
- if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY)) goto returnError;
+ const cn_cbor *pRecipients =
+ cn_cbor_mapget_string(pEnveloped, "recipients");
+ if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY))
+ goto returnError;
pRecipients = pRecipients->first_child;
- for (iRecipient = 0; pRecipients != NULL; iRecipient++, pRecipients = pRecipients->next) {
+ for (iRecipient = 0; pRecipients != NULL;
+ iRecipient++, pRecipients = pRecipients->next) {
HCOSE_RECIPIENT hRecip = BuildRecipient(pRecipients);
- if (hRecip == NULL) goto returnError;
+ if (hRecip == NULL)
+ goto returnError;
- if (!COSE_Enveloped_AddRecipient(hEncObj, hRecip, NULL)) goto returnError;
+ if (!COSE_Enveloped_AddRecipient(hEncObj, hRecip, NULL))
+ goto returnError;
COSE_Recipient_Free(hRecip);
}
- if (!COSE_Enveloped_encrypt(hEncObj, NULL)) goto returnError;
+ if (!COSE_Enveloped_encrypt(hEncObj, NULL))
+ goto returnError;
size_t cb = COSE_Encode((HCOSE)hEncObj, NULL, 0, 0) + 1;
- byte * rgb = (byte *)malloc(cb);
+ byte *rgb = (byte *)malloc(cb);
cb = COSE_Encode((HCOSE)hEncObj, rgb, 0, cb);
COSE_Enveloped_Free(hEncObj);
@@ -278,38 +346,56 @@
int EncryptMessage()
{
- HCOSE_ENVELOPED hEncObj = COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- byte rgbSecret[128 / 8] = { 'a', 'b', 'c' };
- int cbSecret = 128/8;
- byte rgbKid[15] = { 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'l', 'm', 'n', 'o', 'p' };
+ HCOSE_ENVELOPED hEncObj =
+ COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ byte rgbSecret[128 / 8] = {'a', 'b', 'c'};
+ int cbSecret = 128 / 8;
+ byte rgbKid[15] = {'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'l',
+ 'm', 'n', 'o', 'p'};
int cbKid = 6;
size_t cb;
- byte * rgb;
- char * sz = "This is the content to be used";
+ byte *rgb;
+ char *sz = "This is the content to be used";
HCOSE_RECIPIENT hRecip = NULL;
- if (hEncObj == NULL) goto errorReturn;
- if (!COSE_Enveloped_map_put_int(hEncObj, COSE_Header_Algorithm, cn_cbor_int_create(COSE_Algorithm_AES_CCM_16_64_128, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) goto errorReturn;
- if (!COSE_Enveloped_SetContent(hEncObj, (byte *) sz, strlen(sz), NULL)) goto errorReturn;
- if (!COSE_Enveloped_map_put_int(hEncObj, COSE_Header_IV, cn_cbor_data_create(rgbKid, 13, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_UNPROTECT_ONLY, NULL)) goto errorReturn;
+ if (hEncObj == NULL)
+ goto errorReturn;
+ if (!COSE_Enveloped_map_put_int(hEncObj, COSE_Header_Algorithm,
+ cn_cbor_int_create(COSE_Algorithm_AES_CCM_16_64_128,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ goto errorReturn;
+ if (!COSE_Enveloped_SetContent(hEncObj, (byte *)sz, strlen(sz), NULL))
+ goto errorReturn;
+ if (!COSE_Enveloped_map_put_int(hEncObj, COSE_Header_IV,
+ cn_cbor_data_create(rgbKid, 13, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_UNPROTECT_ONLY, NULL))
+ goto errorReturn;
- hRecip = COSE_Recipient_from_shared_secret(rgbSecret, cbSecret, rgbKid, cbKid, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hRecip == NULL) goto errorReturn;
- if (!COSE_Enveloped_AddRecipient(hEncObj, hRecip, NULL)) goto errorReturn;
+ hRecip = COSE_Recipient_from_shared_secret(
+ rgbSecret, cbSecret, rgbKid, cbKid, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hRecip == NULL)
+ goto errorReturn;
+ if (!COSE_Enveloped_AddRecipient(hEncObj, hRecip, NULL))
+ goto errorReturn;
- if (!COSE_Enveloped_encrypt(hEncObj, NULL)) goto errorReturn;
+ if (!COSE_Enveloped_encrypt(hEncObj, NULL))
+ goto errorReturn;
cb = COSE_Encode((HCOSE)hEncObj, NULL, 0, 0);
- if (cb < 1) goto errorReturn;
+ if (cb < 1)
+ goto errorReturn;
rgb = (byte *)malloc(cb);
- if (rgb == NULL) goto errorReturn;
+ if (rgb == NULL)
+ goto errorReturn;
cb = COSE_Encode((HCOSE)hEncObj, rgb, 0, cb);
- if (cb < 1) goto errorReturn;
+ if (cb < 1)
+ goto errorReturn;
COSE_Recipient_Free(hRecip);
hRecip = NULL;
- FILE * fp = fopen("test.cbor", "wb");
+ FILE *fp = fopen("test.cbor", "wb");
fwrite(rgb, cb, 1, fp);
fclose(fp);
@@ -330,17 +416,23 @@
/* */
int typ;
- hEncObj = (HCOSE_ENVELOPED) COSE_Decode(rgb, (int) cb, &typ, COSE_enveloped_object, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEncObj == NULL) goto errorReturn;
+ hEncObj = (HCOSE_ENVELOPED)COSE_Decode(rgb, (int)cb, &typ,
+ COSE_enveloped_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hEncObj == NULL)
+ goto errorReturn;
int iRecipient = 0;
do {
hRecip = COSE_Enveloped_GetRecipient(hEncObj, iRecipient, NULL);
- if (hRecip == NULL) break;
+ if (hRecip == NULL)
+ break;
- if (!COSE_Recipient_SetKey_secret(hRecip, rgbSecret, cbSecret, NULL, 0, NULL)) goto errorReturn;
+ if (!COSE_Recipient_SetKey_secret(
+ hRecip, rgbSecret, cbSecret, NULL, 0, NULL))
+ goto errorReturn;
- if (!COSE_Enveloped_decrypt(hEncObj, hRecip, NULL)) goto errorReturn;
+ if (!COSE_Enveloped_decrypt(hEncObj, hRecip, NULL))
+ goto errorReturn;
COSE_Recipient_Free(hRecip);
hRecip = NULL;
@@ -353,8 +445,10 @@
return 1;
errorReturn:
- if (hEncObj != NULL) COSE_Enveloped_Free(hEncObj);
- if (hRecip != NULL) COSE_Recipient_Free(hRecip);
+ if (hEncObj != NULL)
+ COSE_Enveloped_Free(hEncObj);
+ if (hRecip != NULL)
+ COSE_Recipient_Free(hRecip);
CFails++;
return 0;
}
@@ -363,12 +457,15 @@
/********************************************/
#if INCLUDE_ENCRYPT0
-int _ValidateEncrypt(const cn_cbor * pControl, const byte * pbEncoded, size_t cbEncoded, cn_cbor * pcnEncoded)
+int _ValidateEncrypt(const cn_cbor *pControl,
+ const byte *pbEncoded,
+ size_t cbEncoded,
+ cn_cbor *pcnEncoded)
{
- const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
- const cn_cbor * pFail;
- const cn_cbor * pEncrypt;
- const cn_cbor * pRecipients;
+ const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
+ const cn_cbor *pFail;
+ const cn_cbor *pEncrypt;
+ const cn_cbor *pRecipients;
HCOSE_ENCRYPT hEnc;
int type;
bool fFail = false;
@@ -380,36 +477,54 @@
fFailBody = true;
}
- if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP)) goto returnError;
+ if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP))
+ goto returnError;
pEncrypt = cn_cbor_mapget_string(pInput, "encrypted");
- if ((pEncrypt == NULL) || (pEncrypt->type != CN_CBOR_MAP)) goto returnError;
+ if ((pEncrypt == NULL) || (pEncrypt->type != CN_CBOR_MAP))
+ goto returnError;
pRecipients = cn_cbor_mapget_string(pEncrypt, "recipients");
- if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY)) goto returnError;
+ if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY))
+ goto returnError;
pRecipients = pRecipients->first_child;
if (pcnEncoded == NULL) {
- hEnc = (HCOSE_ENCRYPT)COSE_Decode(pbEncoded, cbEncoded, &type, COSE_encrypt_object, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEnc == NULL) { if (fFailBody) return 0; else goto returnError; }
- }
- else {
- hEnc = COSE_Encrypt_Init_From_Object(pcnEncoded, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEnc == NULL) { if (fFailBody) return 0; else goto returnError; }
+ hEnc = (HCOSE_ENCRYPT)COSE_Decode(pbEncoded, cbEncoded, &type,
+ COSE_encrypt_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hEnc == NULL) {
+ if (fFailBody)
+ return 0;
+ else
+ goto returnError;
+ }
+ } else {
+ hEnc = COSE_Encrypt_Init_From_Object(
+ pcnEncoded, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hEnc == NULL) {
+ if (fFailBody)
+ return 0;
+ else
+ goto returnError;
+ }
}
- if (!SetReceivingAttributes((HCOSE)hEnc, pEncrypt, Attributes_Encrypt_protected)) goto returnError;
+ if (!SetReceivingAttributes(
+ (HCOSE)hEnc, pEncrypt, Attributes_Encrypt_protected))
+ goto returnError;
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
- if (pkey == NULL) goto returnError;
+ cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
+ if (pkey == NULL)
+ goto returnError;
- cn_cbor * k = cn_cbor_mapget_int(pkey, -1);
+ cn_cbor *k = cn_cbor_mapget_int(pkey, -1);
if (k == NULL) {
fFail = true;
goto exitHere;
}
- cn_cbor * alg = COSE_Encrypt_map_get_int(hEnc, COSE_Header_Algorithm, COSE_BOTH, NULL);
+ cn_cbor *alg =
+ COSE_Encrypt_map_get_int(hEnc, COSE_Header_Algorithm, COSE_BOTH, NULL);
if (!IsAlgorithmSupported(alg)) {
fAlgSupport = false;
fFail = false;
@@ -426,15 +541,14 @@
}
size_t cb;
- byte * pb;
+ byte *pb;
pb = COSE_Encrypt_GetContent(hEnc, &cb, NULL);
- }
- else {
+ } else {
if (fAlgSupport) {
fFail = true;
fAlgSupport = false;
- }
- else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE)) fFail = true;
+ } else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE))
+ fFail = true;
}
COSE_Encrypt_Free(hEnc);
@@ -443,15 +557,17 @@
if (fAlgSupport) {
if (fFailBody) {
- if (!fFail) fFail = true;
- else fFail = false;
+ if (!fFail)
+ fFail = true;
+ else
+ fFail = false;
}
- }
- else {
+ } else {
fFail = false;
}
- if (fFail) CFails += 1;
+ if (fFail)
+ CFails += 1;
return fAlgSupport ? 1 : 0;
returnError:
@@ -459,60 +575,72 @@
return 0;
}
-int ValidateEncrypt(const cn_cbor * pControl)
+int ValidateEncrypt(const cn_cbor *pControl)
{
int cbEncoded;
- byte * pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
+ byte *pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
int fRet;
fRet = _ValidateEncrypt(pControl, pbEncoded, cbEncoded, NULL);
- if (!fRet) return fRet;
+ if (!fRet)
+ return fRet;
- cn_cbor * cbor = cn_cbor_decode(pbEncoded, cbEncoded, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (cbor == NULL) return false;
+ cn_cbor *cbor =
+ cn_cbor_decode(pbEncoded, cbEncoded, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (cbor == NULL)
+ return false;
return _ValidateEncrypt(pControl, NULL, 0, cbor);
}
-int BuildEncryptMessage(const cn_cbor * pControl)
+int BuildEncryptMessage(const cn_cbor *pControl)
{
-
//
// We don't run this for all control sequences - skip those marked fail.
//
- const cn_cbor * pFail = cn_cbor_mapget_string(pControl, "fail");
- if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE)) return 0;
+ const cn_cbor *pFail = cn_cbor_mapget_string(pControl, "fail");
+ if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE))
+ return 0;
HCOSE_ENCRYPT hEncObj = COSE_Encrypt_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- const cn_cbor * pInputs = cn_cbor_mapget_string(pControl, "input");
- if (pInputs == NULL) goto returnError;
- const cn_cbor * pEncrypt = cn_cbor_mapget_string(pInputs, "encrypted");
- if (pEncrypt == NULL) goto returnError;
+ const cn_cbor *pInputs = cn_cbor_mapget_string(pControl, "input");
+ if (pInputs == NULL)
+ goto returnError;
+ const cn_cbor *pEncrypt = cn_cbor_mapget_string(pInputs, "encrypted");
+ if (pEncrypt == NULL)
+ goto returnError;
- const cn_cbor * pContent = cn_cbor_mapget_string(pInputs, "plaintext");
- if (!COSE_Encrypt_SetContent(hEncObj, pContent->v.bytes, pContent->length, NULL)) goto returnError;
+ const cn_cbor *pContent = cn_cbor_mapget_string(pInputs, "plaintext");
+ if (!COSE_Encrypt_SetContent(
+ hEncObj, pContent->v.bytes, pContent->length, NULL))
+ goto returnError;
- if (!SetSendingAttributes((HCOSE)hEncObj, pEncrypt, Attributes_Encrypt_protected)) goto returnError;
+ if (!SetSendingAttributes(
+ (HCOSE)hEncObj, pEncrypt, Attributes_Encrypt_protected))
+ goto returnError;
- const cn_cbor * pAlg = COSE_Encrypt_map_get_int(hEncObj, 1, COSE_BOTH, NULL);
- if (pAlg == NULL) goto returnError;
+ const cn_cbor *pAlg = COSE_Encrypt_map_get_int(hEncObj, 1, COSE_BOTH, NULL);
+ if (pAlg == NULL)
+ goto returnError;
- const cn_cbor * pRecipients = cn_cbor_mapget_string(pEncrypt, "recipients");
- if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY)) goto returnError;
+ const cn_cbor *pRecipients = cn_cbor_mapget_string(pEncrypt, "recipients");
+ if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY))
+ goto returnError;
pRecipients = pRecipients->first_child;
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
- if (pkey == NULL) goto returnError;
+ cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
+ if (pkey == NULL)
+ goto returnError;
- cn_cbor * k = cn_cbor_mapget_int(pkey, -1);
+ cn_cbor *k = cn_cbor_mapget_int(pkey, -1);
-
- if (!COSE_Encrypt_encrypt(hEncObj, k->v.bytes, k->length, NULL)) goto returnError;
+ if (!COSE_Encrypt_encrypt(hEncObj, k->v.bytes, k->length, NULL))
+ goto returnError;
size_t cb = COSE_Encode((HCOSE)hEncObj, NULL, 0, 0) + 1;
- byte * rgb = (byte *)malloc(cb);
+ byte *rgb = (byte *)malloc(cb);
cb = COSE_Encode((HCOSE)hEncObj, rgb, 0, cb);
COSE_Encrypt_Free(hEncObj);
@@ -537,71 +665,104 @@
HCOSE_RECIPIENT hRecipient = NULL;
HCOSE_RECIPIENT hRecipientBad = NULL;
byte rgb[10];
- cn_cbor * cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
cose_errback cose_error;
hEncrypt = COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
#if INCLUDE_MAC
- hEncryptBad = (HCOSE_ENVELOPED)COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hEncryptBad =
+ (HCOSE_ENVELOPED)COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
#else
hEncryptBad = (HCOSE_ENVELOPED)COSE_CALLOC(1, sizeof(COSE), context);
#endif
hRecipient = COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
#if INCLUDE_MAC
- hRecipientBad = (HCOSE_RECIPIENT)COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hRecipientBad =
+ (HCOSE_RECIPIENT)COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
#else
hRecipientBad = (HCOSE_RECIPIENT)COSE_CALLOC(1, sizeof(COSE), context);
#endif
// Missing case - addref then release on item
+ //
+ // Do parameter checks
+ // - NULL handle
+ // - Incorrect handle
+ // - NULL pointer
+ //
- //
- // Do parameter checks
- // - NULL handle
- // - Incorrect handle
- // - NULL pointer
- //
+ CHECK_FAILURE(COSE_Enveloped_SetContent(hEncryptNULL, rgb, 10, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_SetContent(hEncryptBad, rgb, 10, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_SetContent(hEncrypt, NULL, 10, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Enveloped_SetContent(hEncryptNULL, rgb, 10, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_SetContent(hEncryptBad, rgb, 10, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_SetContent(hEncrypt, NULL, 10, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_map_put_int(
+ hEncryptNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_map_put_int(
+ hEncryptBad, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_map_put_int(hEncrypt, 1, cn,
+ COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_map_put_int(
+ hEncrypt, 1, NULL, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(
+ COSE_Enveloped_map_get_int(hEncryptNULL, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Enveloped_map_get_int(hEncryptBad, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_map_put_int(hEncryptNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_map_put_int(hEncryptBad, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_map_put_int(hEncrypt, 1, cn, COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Enveloped_map_put_int(hEncrypt, 1, NULL, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_encrypt(hEncryptNULL, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_encrypt(hEncryptBad, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_decrypt(hEncryptNULL, hRecipient, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_decrypt(hEncryptBad, hRecipient, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_decrypt(hEncrypt, hRecipientNULL, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_decrypt(hEncrypt, hRecipientBad, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_map_get_int(hEncryptNULL, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_map_get_int(hEncryptBad, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Enveloped_AddRecipient(hEncryptNULL, hRecipient, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Enveloped_AddRecipient(hEncryptBad, hRecipient, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Enveloped_AddRecipient(hEncrypt, hRecipientNULL, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Enveloped_AddRecipient(hEncrypt, hRecipientBad, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE_PTR(COSE_Enveloped_GetRecipient(hEncryptNULL, 0, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE_PTR(COSE_Enveloped_GetRecipient(hEncryptBad, 0, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_encrypt(hEncryptNULL, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_encrypt(hEncryptBad, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Enveloped_SetExternal(hEncryptNULL, rgb, 10, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_SetExternal(hEncryptBad, rgb, 10, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_SetExternal(hEncrypt, NULL, 10, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Enveloped_decrypt(hEncryptNULL, hRecipient, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_decrypt(hEncryptBad, hRecipient, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_decrypt(hEncrypt, hRecipientNULL, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_decrypt(hEncrypt, hRecipientBad, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
-
-
- CHECK_FAILURE(COSE_Enveloped_AddRecipient(hEncryptNULL, hRecipient, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_AddRecipient(hEncryptBad, hRecipient, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_AddRecipient(hEncrypt, hRecipientNULL, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_AddRecipient(hEncrypt, hRecipientBad, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
-
- CHECK_FAILURE_PTR(COSE_Enveloped_GetRecipient(hEncryptNULL, 0, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE_PTR(COSE_Enveloped_GetRecipient(hEncryptBad, 0, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
-
- CHECK_FAILURE(COSE_Enveloped_SetExternal(hEncryptNULL, rgb, 10, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_SetExternal(hEncryptBad, rgb, 10, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_SetExternal(hEncrypt, NULL, 10, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
-
- if (!COSE_Enveloped_Free(hEncrypt)) CFails++;
- if (!COSE_Recipient_Free(hRecipient)) CFails++;
-
+ if (!COSE_Enveloped_Free(hEncrypt))
+ CFails++;
+ if (!COSE_Recipient_Free(hRecipient))
+ CFails++;
//
// Unsupported algorithm
@@ -609,31 +770,53 @@
// Bad Int algorithm
hEncrypt = COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEncrypt == NULL) CFails++;
- CHECK_RETURN(COSE_Enveloped_SetContent(hEncrypt, (byte *) "Message", 7, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_RETURN(COSE_Enveloped_map_put_int(hEncrypt, COSE_Header_Algorithm, cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, &cose_error), COSE_ERR_NONE, CFails++);
- hRecipient = COSE_Recipient_from_shared_secret(rgb, sizeof(rgb), rgb, sizeof(rgb), CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hRecipient == NULL) CFails++;
- CHECK_RETURN(COSE_Enveloped_AddRecipient(hEncrypt, hRecipient, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_encrypt(hEncrypt, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (hEncrypt == NULL)
+ CFails++;
+ CHECK_RETURN(
+ COSE_Enveloped_SetContent(hEncrypt, (byte *)"Message", 7, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_RETURN(COSE_Enveloped_map_put_int(hEncrypt, COSE_Header_Algorithm,
+ cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ hRecipient = COSE_Recipient_from_shared_secret(
+ rgb, sizeof(rgb), rgb, sizeof(rgb), CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hRecipient == NULL)
+ CFails++;
+ CHECK_RETURN(COSE_Enveloped_AddRecipient(hEncrypt, hRecipient, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_encrypt(hEncrypt, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Recipient_Free(hRecipient);
COSE_Enveloped_Free(hEncrypt);
-
hEncrypt = COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEncrypt == NULL) CFails++;
- CHECK_RETURN(COSE_Enveloped_SetContent(hEncrypt, (byte *) "Message", 7, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_RETURN(COSE_Enveloped_map_put_int(hEncrypt, COSE_Header_Algorithm, cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, &cose_error), COE_ERR_NONE, CFails++);
- hRecipient = COSE_Recipient_from_shared_secret(rgb, sizeof(rgb), rgb, sizeof(rgb), CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hRecipient == NULL) CFails++;
- CHECK_RETURN(COSE_Enveloped_AddRecipient(hEncrypt, hRecipient, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_encrypt(hEncrypt, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (hEncrypt == NULL)
+ CFails++;
+ CHECK_RETURN(
+ COSE_Enveloped_SetContent(hEncrypt, (byte *)"Message", 7, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_RETURN(
+ COSE_Enveloped_map_put_int(hEncrypt, COSE_Header_Algorithm,
+ cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, &cose_error),
+ COE_ERR_NONE, CFails++);
+ hRecipient = COSE_Recipient_from_shared_secret(
+ rgb, sizeof(rgb), rgb, sizeof(rgb), CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hRecipient == NULL)
+ CFails++;
+ CHECK_RETURN(COSE_Enveloped_AddRecipient(hEncrypt, hRecipient, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_encrypt(hEncrypt, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
//
// Over shoot the recipients
- CHECK_FAILURE_PTR(COSE_Enveloped_GetRecipient(hEncrypt, -1, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE_PTR(COSE_Enveloped_GetRecipient(hEncrypt, 9, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE_PTR(COSE_Enveloped_GetRecipient(hEncrypt, -1, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE_PTR(COSE_Enveloped_GetRecipient(hEncrypt, 9, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
COSE_Enveloped_Free(hEncrypt);
COSE_Recipient_Free(hRecipient);
@@ -647,52 +830,78 @@
{
HCOSE_ENCRYPT hEncrypt = NULL;
byte rgb[10];
- cn_cbor * cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
cose_errback cose_error;
// Missing case - addref then release on item
// NULL Handle checks
- if (COSE_Encrypt_SetContent(hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Encrypt_map_get_int(hEncrypt, 1, COSE_BOTH, NULL)) CFails++;
- if (COSE_Encrypt_map_put_int(hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL)) CFails++;
- if (COSE_Encrypt_SetExternal(hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Encrypt_encrypt(hEncrypt, rgb, sizeof(rgb), NULL)) CFails++;
- if (COSE_Encrypt_decrypt(hEncrypt, rgb, sizeof(rgb), NULL)) CFails++;
- if (COSE_Encrypt_Free((HCOSE_ENCRYPT)hEncrypt)) CFails++;
+ if (COSE_Encrypt_SetContent(hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Encrypt_map_get_int(hEncrypt, 1, COSE_BOTH, NULL))
+ CFails++;
+ if (COSE_Encrypt_map_put_int(hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ if (COSE_Encrypt_SetExternal(hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Encrypt_encrypt(hEncrypt, rgb, sizeof(rgb), NULL))
+ CFails++;
+ if (COSE_Encrypt_decrypt(hEncrypt, rgb, sizeof(rgb), NULL))
+ CFails++;
+ if (COSE_Encrypt_Free((HCOSE_ENCRYPT)hEncrypt))
+ CFails++;
- // Wrong type of handle checks
+ // Wrong type of handle checks
#if INCLUDE_MAC
- hEncrypt = (HCOSE_ENCRYPT) COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hEncrypt = (HCOSE_ENCRYPT)COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
#else
hEncrypt = (HCOSE_ENCRYPT)COSE_CALLOC(1, sizeof(COSE), context);
#endif
- if (COSE_Encrypt_SetContent(hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Encrypt_map_get_int(hEncrypt, 1, COSE_BOTH, NULL)) CFails++;
- if (COSE_Encrypt_map_put_int(hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL)) CFails++;
- if (COSE_Encrypt_encrypt(hEncrypt, rgb, sizeof(rgb), NULL)) CFails++;
- if (COSE_Encrypt_SetExternal(hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Encrypt_decrypt(hEncrypt, rgb, sizeof(rgb), NULL)) CFails++;
- if (COSE_Encrypt_Free(hEncrypt)) CFails++;
+ if (COSE_Encrypt_SetContent(hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Encrypt_map_get_int(hEncrypt, 1, COSE_BOTH, NULL))
+ CFails++;
+ if (COSE_Encrypt_map_put_int(hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ if (COSE_Encrypt_encrypt(hEncrypt, rgb, sizeof(rgb), NULL))
+ CFails++;
+ if (COSE_Encrypt_SetExternal(hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Encrypt_decrypt(hEncrypt, rgb, sizeof(rgb), NULL))
+ CFails++;
+ if (COSE_Encrypt_Free(hEncrypt))
+ CFails++;
//
// Unsupported algorithm
hEncrypt = COSE_Encrypt_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEncrypt == NULL) CFails++;
- if (!COSE_Encrypt_SetContent(hEncrypt, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Encrypt_map_put_int(hEncrypt, COSE_Header_Algorithm, cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- CHECK_FAILURE(COSE_Encrypt_encrypt(hEncrypt, rgb, sizeof(rgb), &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (hEncrypt == NULL)
+ CFails++;
+ if (!COSE_Encrypt_SetContent(hEncrypt, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Encrypt_map_put_int(hEncrypt, COSE_Header_Algorithm,
+ cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Encrypt_encrypt(hEncrypt, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Encrypt_Free(hEncrypt);
hEncrypt = COSE_Encrypt_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEncrypt == NULL) CFails++;
- if (!COSE_Encrypt_SetContent(hEncrypt, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Encrypt_map_put_int(hEncrypt, COSE_Header_Algorithm, cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- CHECK_FAILURE(COSE_Encrypt_encrypt(hEncrypt, rgb, sizeof(rgb), &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (hEncrypt == NULL)
+ CFails++;
+ if (!COSE_Encrypt_SetContent(hEncrypt, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Encrypt_map_put_int(hEncrypt, COSE_Header_Algorithm,
+ cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Encrypt_encrypt(hEncrypt, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Encrypt_Free(hEncrypt);
return;
@@ -707,62 +916,110 @@
HCOSE_RECIPIENT hRecipBad;
cose_errback cose_error;
byte rgb[10];
- cn_cbor * cn = cn_cbor_int_create(1, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cn = cn_cbor_int_create(1, CBOR_CONTEXT_PARAM_COMMA NULL);
- hRecip = COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA &cose_error);
+ hRecip = COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA & cose_error);
#if INCLUDE_SIGN
- hRecipBad = (HCOSE_RECIPIENT)COSE_Signer_Init(CBOR_CONTEXT_PARAM_COMMA &cose_error);
+ hRecipBad = (HCOSE_RECIPIENT)COSE_Signer_Init(
+ CBOR_CONTEXT_PARAM_COMMA & cose_error);
#else
hRecipBad = (HCOSE_RECIPIENT)COSE_CALLOC(1, sizeof(COSE), context);
#endif
// Check for invalid parameters
- CHECK_FAILURE_PTR(COSE_Recipient_from_shared_secret(NULL, 0, NULL, 0, CBOR_CONTEXT_PARAM_COMMA &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE_PTR(COSE_Recipient_from_shared_secret(NULL, 0, NULL, 0,
+ CBOR_CONTEXT_PARAM_COMMA & cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetKey_secret(hRecipNULL, rgb, sizeof(rgb), NULL, 0, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetKey_secret(hRecipBad, rgb, sizeof(rgb), NULL, 0, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetKey_secret(hRecip, NULL, sizeof(rgb), NULL, 0, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetKey_secret(
+ hRecipNULL, rgb, sizeof(rgb), NULL, 0, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetKey_secret(
+ hRecipBad, rgb, sizeof(rgb), NULL, 0, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetKey_secret(
+ hRecip, NULL, sizeof(rgb), NULL, 0, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetKey(hRecipNULL, cn, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetKey(hRecipBad, cn, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetKey(hRecip, NULL, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetKey(hRecipNULL, cn, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetKey(hRecipBad, cn, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetKey(hRecip, NULL, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetSenderKey(hRecipNULL, cn, 0, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetSenderKey(hRecipBad, cn, 0, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetSenderKey(hRecip, NULL, 0, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetSenderKey(hRecip, cn, 3, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_RETURN(COSE_Recipient_SetSenderKey(hRecip, cn, 0, &cose_error), COSE_ERR_NONE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetSenderKey(hRecipNULL, cn, 0, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetSenderKey(hRecipBad, cn, 0, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetSenderKey(hRecip, NULL, 0, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetSenderKey(hRecip, cn, 3, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_RETURN(COSE_Recipient_SetSenderKey(hRecip, cn, 0, &cose_error),
+ COSE_ERR_NONE, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetExternal(hRecipNULL, rgb, 10, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_SetExternal(hRecipBad, rgb, 10, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetExternal(hRecipNULL, rgb, 10, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_SetExternal(hRecipBad, rgb, 10, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_map_get_int(hRecipNULL, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_map_get_int(hRecipBad, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_map_get_int(hRecip, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(
+ COSE_Recipient_map_get_int(hRecipNULL, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Recipient_map_get_int(hRecipBad, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_map_get_int(hRecip, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Recipient_map_put_int(hRecipNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_map_put_int(hRecipBad, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_map_put_int(hRecip, 1, NULL, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Recipient_map_put_int(hRecip, 1, cn, COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Recipient_map_put_int(
+ hRecipNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_map_put_int(
+ hRecipBad, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_map_put_int(
+ hRecip, 1, NULL, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Recipient_map_put_int(hRecip, 1, cn,
+ COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Recipient_AddRecipient(hRecipNULL, hRecip, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_AddRecipient(hRecipBad, hRecip, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_AddRecipient(hRecip, hRecipNULL, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Recipient_AddRecipient(hRecip, hRecipBad, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_AddRecipient(hRecipNULL, hRecip, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_AddRecipient(hRecipBad, hRecip, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_AddRecipient(hRecip, hRecipNULL, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Recipient_AddRecipient(hRecip, hRecipBad, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
COSE_Recipient_Free(hRecip);
// Unknown algorithms
#if INCLUDE_ENCRYPT
- HCOSE_ENVELOPED hEnv = COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ HCOSE_ENVELOPED hEnv =
+ COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
hRecip = COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- CHECK_RETURN(COSE_Enveloped_map_put_int(hEnv, COSE_Header_Algorithm, cn_cbor_int_create(COSE_Algorithm_AES_GCM_128, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_RETURN(COSE_Enveloped_SetContent(hEnv, (byte *)"This the body", 13, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_RETURN(COSE_Recipient_map_put_int(hRecip, COSE_Header_Algorithm, cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_UNPROTECT_ONLY, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_RETURN(COSE_Enveloped_AddRecipient(hEnv, hRecip, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_encrypt(hEnv, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ CHECK_RETURN(COSE_Enveloped_map_put_int(hEnv, COSE_Header_Algorithm,
+ cn_cbor_int_create(COSE_Algorithm_AES_GCM_128,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_RETURN(COSE_Enveloped_SetContent(
+ hEnv, (byte *)"This the body", 13, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_RETURN(COSE_Recipient_map_put_int(hRecip, COSE_Header_Algorithm,
+ cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_UNPROTECT_ONLY, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_RETURN(COSE_Enveloped_AddRecipient(hEnv, hRecip, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_encrypt(hEnv, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Enveloped_Free(hEnv);
COSE_Recipient_Free(hRecip);
@@ -770,11 +1027,23 @@
hEnv = COSE_Enveloped_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
hRecip = COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- CHECK_RETURN(COSE_Enveloped_map_put_int(hEnv, COSE_Header_Algorithm, cn_cbor_int_create(COSE_Algorithm_AES_GCM_128, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_RETURN(COSE_Enveloped_SetContent(hEnv, (byte *)"This the body", 13, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_RETURN(COSE_Recipient_map_put_int(hRecip, COSE_Header_Algorithm, cn_cbor_string_create("Unknown", CBOR_CONTEXT_PARAM_COMMA NULL), COSE_UNPROTECT_ONLY, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_RETURN(COSE_Enveloped_AddRecipient(hEnv, hRecip, &cose_error), COSE_ERR_NONE, CFails++);
- CHECK_FAILURE(COSE_Enveloped_encrypt(hEnv, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ CHECK_RETURN(COSE_Enveloped_map_put_int(hEnv, COSE_Header_Algorithm,
+ cn_cbor_int_create(COSE_Algorithm_AES_GCM_128,
+ CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_RETURN(COSE_Enveloped_SetContent(
+ hEnv, (byte *)"This the body", 13, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_RETURN(
+ COSE_Recipient_map_put_int(hRecip, COSE_Header_Algorithm,
+ cn_cbor_string_create("Unknown", CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_UNPROTECT_ONLY, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_RETURN(COSE_Enveloped_AddRecipient(hEnv, hRecip, &cose_error),
+ COSE_ERR_NONE, CFails++);
+ CHECK_FAILURE(COSE_Enveloped_encrypt(hEnv, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Enveloped_Free(hEnv);
COSE_Recipient_Free(hRecip);
diff --git a/test/json.c b/test/json.c
index a786744..ce92fd0 100644
--- a/test/json.c
+++ b/test/json.c
@@ -9,94 +9,103 @@
#include "json.h"
#ifdef USE_CBOR_CONTEXT
-extern cn_cbor_context * context;
+extern cn_cbor_context *context;
#define CBOR_CONTEXT_PARAM , context
-#define CBOR_CONTEXT_PARAM_COMMA context ,
+#define CBOR_CONTEXT_PARAM_COMMA context,
#else
#define CBOR_CONTEXT_PARAM
#define CBOR_CONTEXT_PARAM_COMMA
#endif
-
-const cn_cbor * ParseString(char * rgch, int ib, int cch)
+const cn_cbor *ParseString(char *rgch, int ib, int cch)
{
char ch;
int ib2;
- cn_cbor * node = NULL;
- cn_cbor * parent = NULL;
- cn_cbor * root = NULL;
+ cn_cbor *node = NULL;
+ cn_cbor *parent = NULL;
+ cn_cbor *root = NULL;
for (; ib < cch; ib++) {
node = NULL;
ch = rgch[ib];
switch (ch) {
- case '{':
- node = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA NULL);
- break;
+ case '{':
+ node = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA NULL);
+ break;
- case '[':
- node = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA NULL);
- break;
+ case '[':
+ node = cn_cbor_array_create(CBOR_CONTEXT_PARAM_COMMA NULL);
+ break;
- case '}':
- case ']':
- if (parent == NULL) {
+ case '}':
+ case ']':
+ if (parent == NULL) {
+ fprintf(stderr, "Parse failure @ '%s'\n", &rgch[ib]);
+ return NULL;
+ }
+ parent = parent->parent;
+ break;
+
+ case ' ':
+ case '\r':
+ case '\n':
+ case ':':
+ case ',':
+ break;
+
+ case '"':
+ for (ib2 = ib + 1; ib2 < cch; ib2++)
+ if (rgch[ib2] == '"')
+ break;
+ rgch[ib2] = 0;
+ node = cn_cbor_string_create(
+ &rgch[ib + 1], CBOR_CONTEXT_PARAM_COMMA NULL);
+ // rgch[ib2] = '"';
+ ib = ib2;
+ break;
+
+ case 't':
+ if (strncmp(&rgch[ib], "true", 4) != 0)
+ goto error;
+ node =
+ cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ node->type = CN_CBOR_TRUE;
+ ib += 3;
+ break;
+
+ case 'f':
+ if (strncmp(&rgch[ib], "false", 5) != 0)
+ goto error;
+ node =
+ cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ node->type = CN_CBOR_FALSE;
+ ib += 4;
+ break;
+
+ case '0':
+ case '1':
+ case '2':
+ case '3':
+ case '4':
+ case '5':
+ case '6':
+ case '7':
+ case '8':
+ case '9':
+ case '-':
+ node = cn_cbor_int_create(
+ atol(&rgch[ib]), CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (rgch[ib] == '-')
+ ib++;
+ while (isdigit(rgch[ib]))
+ ib++;
+ ib--;
+ break;
+
+ default:
+ error:
fprintf(stderr, "Parse failure @ '%s'\n", &rgch[ib]);
return NULL;
- }
- parent = parent->parent;
- break;
-
- case ' ':
- case '\r':
- case '\n':
- case':':
- case ',':
- break;
-
- case '"':
- for (ib2 = ib + 1; ib2 < cch; ib2++) if (rgch[ib2] == '"') break;
- rgch[ib2] = 0;
- node = cn_cbor_string_create(&rgch[ib+1], CBOR_CONTEXT_PARAM_COMMA NULL);
- // rgch[ib2] = '"';
- ib = ib2;
- break;
-
- case't':
- if (strncmp(&rgch[ib], "true", 4) != 0) goto error;
- node = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
- node->type = CN_CBOR_TRUE;
- ib += 3;
- break;
-
- case'f':
- if (strncmp(&rgch[ib], "false", 5) != 0) goto error;
- node = cn_cbor_data_create(NULL, 0, CBOR_CONTEXT_PARAM_COMMA NULL);
- node->type = CN_CBOR_FALSE;
- ib += 4;
- break;
-
- case '0':
- case '1':
- case '2':
- case '3':
- case '4':
- case '5':
- case '6':
- case '7':
- case '8':
- case'9':
- case'-':
- node = cn_cbor_int_create(atol(&rgch[ib]), CBOR_CONTEXT_PARAM_COMMA NULL);
- if (rgch[ib] == '-') ib++;
- while (isdigit(rgch[ib])) ib++;
- ib--;
- break;
-
- default:
- error:
- fprintf(stderr, "Parse failure @ '%s'\n", &rgch[ib]);
- return NULL;
}
if ((node != NULL) && (parent != NULL)) {
@@ -104,8 +113,7 @@
if (parent->last_child != NULL) {
parent->last_child->next = node;
parent->last_child = node;
- }
- else {
+ } else {
parent->first_child = node;
}
parent->last_child = node;
@@ -117,59 +125,54 @@
}
if (parent == NULL) {
parent = node;
- if (root == NULL) root = node;
+ if (root == NULL)
+ root = node;
}
}
return root;
}
-const cn_cbor * ParseJson(const char * fileName)
+const cn_cbor *ParseJson(const char *fileName)
{
- int cch;
- char * rgch;
- FILE * fp = fopen(fileName, "r");
+ int cch;
+ char *rgch;
+ FILE *fp = fopen(fileName, "r");
if (fp == NULL) {
fprintf(stderr, "Cannot open file '%s'\n", fileName);
-
+
return NULL;
}
rgch = malloc(8 * 1024);
- cch = (int) fread(rgch, 1, 8*1024, fp);
+ cch = (int)fread(rgch, 1, 8 * 1024, fp);
fclose(fp);
return ParseString(rgch, 0, cch);
}
-
static void build_decoding_table();
-
-static char encoding_table[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H',
-'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P',
-'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
-'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f',
-'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n',
-'o', 'p', 'q', 'r', 's', 't', 'u', 'v',
-'w', 'x', 'y', 'z', '0', '1', '2', '3',
-'4', '5', '6', '7', '8', '9', '-', '_' };
+static char encoding_table[] = {'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I',
+ 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X',
+ 'Y', 'Z', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+ 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1',
+ '2', '3', '4', '5', '6', '7', '8', '9', '-', '_'};
static unsigned char *decoding_table = NULL;
-static int mod_table[] = { 0, 2, 1 };
-
+static int mod_table[] = {0, 2, 1};
char *base64_encode(const unsigned char *data,
size_t input_length,
- size_t *output_length) {
-
+ size_t *output_length)
+{
*output_length = 4 * ((input_length + 2) / 3);
char *encoded_data = malloc(*output_length);
- if (encoded_data == NULL) return NULL;
+ if (encoded_data == NULL)
+ return NULL;
for (size_t i = 0, j = 0; i < input_length;) {
-
uint32_t octet_a = i < input_length ? (unsigned char)data[i++] : 0;
uint32_t octet_b = i < input_length ? (unsigned char)data[i++] : 0;
uint32_t octet_c = i < input_length ? (unsigned char)data[i++] : 0;
@@ -188,13 +191,14 @@
return encoded_data;
}
-
unsigned char *base64_decode(const char *data,
size_t input_length,
- size_t *output_length) {
- char * p = NULL;
+ size_t *output_length)
+{
+ char *p = NULL;
- if (decoding_table == NULL) build_decoding_table();
+ if (decoding_table == NULL)
+ build_decoding_table();
if (input_length % 4 != 0) {
int c = 4 - (input_length % 4);
@@ -206,61 +210,67 @@
}
*output_length = input_length / 4 * 3;
- if (data[input_length - 1] == '=') (*output_length)--;
- if (data[input_length - 2] == '=') (*output_length)--;
+ if (data[input_length - 1] == '=')
+ (*output_length)--;
+ if (data[input_length - 2] == '=')
+ (*output_length)--;
unsigned char *decoded_data = malloc(*output_length);
if (decoded_data == NULL) {
- if (p != NULL) free(p);
+ if (p != NULL)
+ free(p);
return NULL;
}
for (unsigned int i = 0, j = 0; i < input_length;) {
+ uint32_t sextet_a =
+ data[i] == '=' ? 0 & i++ : (unsigned)decoding_table[(int)data[i++]];
+ uint32_t sextet_b =
+ data[i] == '=' ? 0 & i++ : (unsigned)decoding_table[(int)data[i++]];
+ uint32_t sextet_c =
+ data[i] == '=' ? 0 & i++ : (unsigned)decoding_table[(int)data[i++]];
+ uint32_t sextet_d =
+ data[i] == '=' ? 0 & i++ : (unsigned)decoding_table[(int)data[i++]];
- uint32_t sextet_a = data[i] == '=' ? 0 & i++ : (unsigned)decoding_table[(int) data[i++]];
- uint32_t sextet_b = data[i] == '=' ? 0 & i++ : (unsigned)decoding_table[(int) data[i++]];
- uint32_t sextet_c = data[i] == '=' ? 0 & i++ : (unsigned)decoding_table[(int) data[i++]];
- uint32_t sextet_d = data[i] == '=' ? 0 & i++ : (unsigned)decoding_table[(int) data[i++]];
+ uint32_t triple = (sextet_a << 3 * 6) + (sextet_b << 2 * 6) +
+ (sextet_c << 1 * 6) + (sextet_d << 0 * 6);
- uint32_t triple = (sextet_a << 3 * 6)
- + (sextet_b << 2 * 6)
- + (sextet_c << 1 * 6)
- + (sextet_d << 0 * 6);
-
- if (j < *output_length) decoded_data[j++] = (triple >> 2 * 8) & 0xFF;
- if (j < *output_length) decoded_data[j++] = (triple >> 1 * 8) & 0xFF;
- if (j < *output_length) decoded_data[j++] = (triple >> 0 * 8) & 0xFF;
+ if (j < *output_length)
+ decoded_data[j++] = (triple >> 2 * 8) & 0xFF;
+ if (j < *output_length)
+ decoded_data[j++] = (triple >> 1 * 8) & 0xFF;
+ if (j < *output_length)
+ decoded_data[j++] = (triple >> 0 * 8) & 0xFF;
}
free(p);
return decoded_data;
}
-
-static void build_decoding_table() {
-
+static void build_decoding_table()
+{
decoding_table = malloc(256);
for (int i = 0; i < 64; i++)
- decoding_table[(int) encoding_table[i]] = (unsigned char) i;
+ decoding_table[(int)encoding_table[i]] = (unsigned char)i;
}
-
-void base64_cleanup() {
+void base64_cleanup()
+{
free(decoding_table);
}
-unsigned char* hex_decode(const char* data,
+unsigned char *hex_decode(const char *data,
size_t input_length,
- size_t* output_length) {
-
- if (input_length % 2 != 0) {
+ size_t *output_length)
+{
+ if (input_length % 2 != 0) {
return NULL;
}
*output_length = input_length / 2;
- unsigned char* decoded_data = malloc(*output_length);
+ unsigned char *decoded_data = malloc(*output_length);
if (decoded_data == NULL) {
return NULL;
}
@@ -268,15 +278,18 @@
for (unsigned int i = 0, j = 0; i < input_length; i++) {
int c;
- if ('0' <= data[i] && data[i] <= '9') c = data[i] - '0';
- else if ('A' <= data[i] && data[i] <= 'F') c = data[i] - 'A' + 10;
- else if ('a' <= data[i] && data[i] <= 'f') c = data[i] - 'a' + 10;
- else return NULL;
+ if ('0' <= data[i] && data[i] <= '9')
+ c = data[i] - '0';
+ else if ('A' <= data[i] && data[i] <= 'F')
+ c = data[i] - 'A' + 10;
+ else if ('a' <= data[i] && data[i] <= 'f')
+ c = data[i] - 'a' + 10;
+ else
+ return NULL;
if ((i & 0x1) == 0) {
- decoded_data[j] = ((unsigned char) c << 4);
- }
- else {
+ decoded_data[j] = ((unsigned char)c << 4);
+ } else {
decoded_data[j++] |= (unsigned char)c;
}
}
diff --git a/test/json.h b/test/json.h
index 6dbef75..68f8e86 100644
--- a/test/json.h
+++ b/test/json.h
@@ -1,5 +1,9 @@
#pragma once
-const cn_cbor * ParseJson(const char * fileName);
-unsigned char *base64_decode(const char *data, size_t input_length, size_t *output_length);
-unsigned char* hex_decode(const char* data, size_t input_length, size_t* output_length);
+const cn_cbor* ParseJson(const char* fileName);
+unsigned char* base64_decode(const char* data,
+ size_t input_length,
+ size_t* output_length);
+unsigned char* hex_decode(const char* data,
+ size_t input_length,
+ size_t* output_length);
diff --git a/test/mac_test.c b/test/mac_test.c
index 9b6828f..dcd63aa 100644
--- a/test/mac_test.c
+++ b/test/mac_test.c
@@ -15,16 +15,18 @@
#include "context.h"
#ifdef _MSC_VER
-#pragma warning (disable: 4127)
+#pragma warning(disable : 4127)
#endif
#if INCLUDE_MAC
-int _ValidateMAC(const cn_cbor * pControl, const byte * pbEncoded, size_t cbEncoded)
+int _ValidateMAC(const cn_cbor *pControl,
+ const byte *pbEncoded,
+ size_t cbEncoded)
{
- const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
- const cn_cbor * pFail;
- const cn_cbor * pMac;
- const cn_cbor * pRecipients;
+ const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
+ const cn_cbor *pFail;
+ const cn_cbor *pMac;
+ const cn_cbor *pRecipients;
HCOSE_MAC hMAC;
int type;
int iRecipient;
@@ -38,7 +40,8 @@
fFailBody = true;
}
- hMAC = (HCOSE_MAC) COSE_Decode(pbEncoded, cbEncoded, &type, COSE_mac_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hMAC = (HCOSE_MAC)COSE_Decode(pbEncoded, cbEncoded, &type, COSE_mac_object,
+ CBOR_CONTEXT_PARAM_COMMA NULL);
if (hMAC == NULL) {
if (fFailBody) {
return 0;
@@ -46,20 +49,25 @@
goto failTest;
}
- if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP)) goto failTest;
+ if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP))
+ goto failTest;
pMac = cn_cbor_mapget_string(pInput, "mac");
- if ((pMac == NULL) || (pMac->type != CN_CBOR_MAP)) goto failTest;
+ if ((pMac == NULL) || (pMac->type != CN_CBOR_MAP))
+ goto failTest;
- if (!SetReceivingAttributes((HCOSE)hMAC, pMac, Attributes_MAC_protected)) goto failTest;
+ if (!SetReceivingAttributes((HCOSE)hMAC, pMac, Attributes_MAC_protected))
+ goto failTest;
pRecipients = cn_cbor_mapget_string(pMac, "recipients");
- if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY)) goto failTest;
+ if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY))
+ goto failTest;
- iRecipient = (int) pRecipients->length - 1;
+ iRecipient = (int)pRecipients->length - 1;
pRecipients = pRecipients->first_child;
- for (; pRecipients != NULL; iRecipient--, pRecipients=pRecipients->next) {
+ for (; pRecipients != NULL; iRecipient--, pRecipients = pRecipients->next) {
fAlgNoSupport = false;
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
+ cn_cbor *pkey =
+ BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
if (pkey == NULL) {
fFail = true;
continue;
@@ -71,28 +79,34 @@
continue;
}
- if (!SetReceivingAttributes((HCOSE)hRecip, pRecipients, Attributes_Recipient_protected)) goto failTest;
+ if (!SetReceivingAttributes(
+ (HCOSE)hRecip, pRecipients, Attributes_Recipient_protected))
+ goto failTest;
if (!COSE_Recipient_SetKey(hRecip, pkey, NULL)) {
fFail = true;
continue;
}
- cn_cbor * cnStatic = cn_cbor_mapget_string(pRecipients, "sender_key");
+ cn_cbor *cnStatic = cn_cbor_mapget_string(pRecipients, "sender_key");
if (cnStatic != NULL) {
- if (COSE_Recipient_map_get_int(hRecip, COSE_Header_ECDH_SPK, COSE_BOTH, NULL) == 0) {
- COSE_Recipient_map_put_int(hRecip, COSE_Header_ECDH_SPK, BuildKey(cnStatic, true), COSE_DONT_SEND, NULL);
+ if (COSE_Recipient_map_get_int(
+ hRecip, COSE_Header_ECDH_SPK, COSE_BOTH, NULL) == 0) {
+ COSE_Recipient_map_put_int(hRecip, COSE_Header_ECDH_SPK,
+ BuildKey(cnStatic, true), COSE_DONT_SEND, NULL);
}
}
pFail = cn_cbor_mapget_string(pRecipients, "fail");
- cn_cbor * alg = COSE_Mac_map_get_int(hMAC, COSE_Header_Algorithm, COSE_BOTH, NULL);
+ cn_cbor *alg =
+ COSE_Mac_map_get_int(hMAC, COSE_Header_Algorithm, COSE_BOTH, NULL);
if (!IsAlgorithmSupported(alg)) {
fAlgNoSupport = true;
}
- alg = COSE_Recipient_map_get_int(hRecip, COSE_Header_Algorithm, COSE_BOTH, NULL);
+ alg = COSE_Recipient_map_get_int(
+ hRecip, COSE_Header_Algorithm, COSE_BOTH, NULL);
if (!IsAlgorithmSupported(alg)) {
fAlgNoSupport = true;
}
@@ -100,15 +114,14 @@
if (COSE_Mac_validate(hMAC, hRecip, NULL)) {
if (fAlgNoSupport) {
fFail = true;
- } else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE)){
+ } else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE)) {
fFail = true;
}
- }
- else {
+ } else {
if (fAlgNoSupport) {
returnCode = 0;
- }
- else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE)) fFail = true;
+ } else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE))
+ fFail = true;
}
COSE_Recipient_Free(hRecip);
@@ -117,11 +130,14 @@
COSE_Mac_Free(hMAC);
if (fFailBody) {
- if (!fFail) fFail = true;
- else fFail = false;
+ if (!fFail)
+ fFail = true;
+ else
+ fFail = false;
}
- if (fFail) CFails += 1;
+ if (fFail)
+ CFails += 1;
return returnCode;
failTest:
@@ -129,15 +145,15 @@
return 0;
}
-int ValidateMAC(const cn_cbor * pControl)
+int ValidateMAC(const cn_cbor *pControl)
{
int cbEncoded = 0;
- byte * pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
+ byte *pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
return _ValidateMAC(pControl, pbEncoded, cbEncoded);
}
-int BuildMacMessage(const cn_cbor * pControl)
+int BuildMacMessage(const cn_cbor *pControl)
{
int iRecipient = 0;
@@ -145,51 +161,69 @@
// We don't run this for all control sequences - skip those marked fail.
//
- const cn_cbor * pFail = cn_cbor_mapget_string(pControl, "fail");
- if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE)) return 0;
+ const cn_cbor *pFail = cn_cbor_mapget_string(pControl, "fail");
+ if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE))
+ return 0;
HCOSE_MAC hMacObj = COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- const cn_cbor * pInputs = cn_cbor_mapget_string(pControl, "input");
- if (pInputs == NULL) goto returnError;
- const cn_cbor * pMac = cn_cbor_mapget_string(pInputs, "mac");
- if (pMac == NULL) goto returnError;
+ const cn_cbor *pInputs = cn_cbor_mapget_string(pControl, "input");
+ if (pInputs == NULL)
+ goto returnError;
+ const cn_cbor *pMac = cn_cbor_mapget_string(pInputs, "mac");
+ if (pMac == NULL)
+ goto returnError;
- const cn_cbor * pContent = cn_cbor_mapget_string(pInputs, "plaintext");
- if (!COSE_Mac_SetContent(hMacObj, pContent->v.bytes, pContent->length, NULL)) goto returnError;
+ const cn_cbor *pContent = cn_cbor_mapget_string(pInputs, "plaintext");
+ if (!COSE_Mac_SetContent(
+ hMacObj, pContent->v.bytes, pContent->length, NULL))
+ goto returnError;
- if (!SetSendingAttributes((HCOSE)hMacObj, pMac, Attributes_MAC_protected)) goto returnError;
+ if (!SetSendingAttributes((HCOSE)hMacObj, pMac, Attributes_MAC_protected))
+ goto returnError;
- const cn_cbor * pRecipients = cn_cbor_mapget_string(pMac, "recipients");
- if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY)) goto returnError;
+ const cn_cbor *pRecipients = cn_cbor_mapget_string(pMac, "recipients");
+ if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY))
+ goto returnError;
pRecipients = pRecipients->first_child;
- for (iRecipient = 0; pRecipients != NULL; iRecipient++, pRecipients = pRecipients->next) {
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
- if (pkey == NULL) goto returnError;
+ for (iRecipient = 0; pRecipients != NULL;
+ iRecipient++, pRecipients = pRecipients->next) {
+ cn_cbor *pkey =
+ BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
+ if (pkey == NULL)
+ goto returnError;
- HCOSE_RECIPIENT hRecip = COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hRecip == NULL) goto returnError;
+ HCOSE_RECIPIENT hRecip =
+ COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hRecip == NULL)
+ goto returnError;
- if (!SetSendingAttributes((HCOSE) hRecip, pRecipients, Attributes_Recipient_protected)) goto returnError;
+ if (!SetSendingAttributes(
+ (HCOSE)hRecip, pRecipients, Attributes_Recipient_protected))
+ goto returnError;
- if (!COSE_Recipient_SetKey(hRecip, pkey, NULL))goto returnError;
+ if (!COSE_Recipient_SetKey(hRecip, pkey, NULL))
+ goto returnError;
- cn_cbor * pSenderKey = cn_cbor_mapget_string(pRecipients, "sender_key");
+ cn_cbor *pSenderKey = cn_cbor_mapget_string(pRecipients, "sender_key");
if (pSenderKey != NULL) {
- cn_cbor * pSendKey = BuildKey(pSenderKey, false);
- if (!COSE_Recipient_SetSenderKey(hRecip, pSendKey, 2, NULL)) goto returnError;
+ cn_cbor *pSendKey = BuildKey(pSenderKey, false);
+ if (!COSE_Recipient_SetSenderKey(hRecip, pSendKey, 2, NULL))
+ goto returnError;
}
- if (!COSE_Mac_AddRecipient(hMacObj, hRecip, NULL)) goto returnError;
+ if (!COSE_Mac_AddRecipient(hMacObj, hRecip, NULL))
+ goto returnError;
COSE_Recipient_Free(hRecip);
}
- if (!COSE_Mac_encrypt(hMacObj, NULL)) goto returnError;
+ if (!COSE_Mac_encrypt(hMacObj, NULL))
+ goto returnError;
size_t cb = COSE_Encode((HCOSE)hMacObj, NULL, 0, 0) + 1;
- byte * rgb = (byte *)malloc(cb);
+ byte *rgb = (byte *)malloc(cb);
cb = COSE_Encode((HCOSE)hMacObj, rgb, 0, cb);
COSE_Mac_Free(hMacObj);
@@ -207,35 +241,48 @@
int MacMessage()
{
HCOSE_MAC hEncObj = COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- char * sz = "This is the content to be used";
- byte rgbSecret[256 / 8] = { 'a', 'b', 'c' };
- byte rgbKid[6] = { 'a', 'b', 'c', 'd', 'e', 'f' };
+ char *sz = "This is the content to be used";
+ byte rgbSecret[256 / 8] = {'a', 'b', 'c'};
+ byte rgbKid[6] = {'a', 'b', 'c', 'd', 'e', 'f'};
int cbKid = 6;
size_t cb = 0;
- byte * rgb = NULL;
+ byte *rgb = NULL;
- if (hEncObj == NULL) goto errorReturn;
+ if (hEncObj == NULL)
+ goto errorReturn;
- if (!COSE_Mac_map_put_int(hEncObj, COSE_Header_Algorithm, cn_cbor_int_create(COSE_Algorithm_HMAC_256_256, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) goto errorReturn;
- if (!COSE_Mac_SetContent(hEncObj, (byte *)sz, strlen(sz), NULL))goto errorReturn;
+ if (!COSE_Mac_map_put_int(hEncObj, COSE_Header_Algorithm,
+ cn_cbor_int_create(
+ COSE_Algorithm_HMAC_256_256, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ goto errorReturn;
+ if (!COSE_Mac_SetContent(hEncObj, (byte *)sz, strlen(sz), NULL))
+ goto errorReturn;
- HCOSE_RECIPIENT hRecip = COSE_Recipient_from_shared_secret(rgbSecret, sizeof(rgbSecret), rgbKid, cbKid, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hRecip == NULL) goto errorReturn;
- if (!COSE_Mac_AddRecipient(hEncObj, hRecip, NULL)) goto errorReturn;
+ HCOSE_RECIPIENT hRecip = COSE_Recipient_from_shared_secret(rgbSecret,
+ sizeof(rgbSecret), rgbKid, cbKid, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hRecip == NULL)
+ goto errorReturn;
+ if (!COSE_Mac_AddRecipient(hEncObj, hRecip, NULL))
+ goto errorReturn;
- if (!COSE_Mac_encrypt(hEncObj, NULL)) goto errorReturn;
+ if (!COSE_Mac_encrypt(hEncObj, NULL))
+ goto errorReturn;
cb = COSE_Encode((HCOSE)hEncObj, NULL, 0, 0);
- if (cb == 0) goto errorReturn;
+ if (cb == 0)
+ goto errorReturn;
rgb = (byte *)malloc(cb);
- if (rgb == NULL) goto errorReturn;
+ if (rgb == NULL)
+ goto errorReturn;
cb = COSE_Encode((HCOSE)hEncObj, rgb, 0, cb);
- if (cb == 0) goto errorReturn;
+ if (cb == 0)
+ goto errorReturn;
COSE_Mac_Free(hEncObj);
- FILE * fp = fopen("test.mac.cbor", "wb");
+ FILE *fp = fopen("test.mac.cbor", "wb");
fwrite(rgb, cb, 1, fp);
fclose(fp);
@@ -253,19 +300,25 @@
/* */
int typ;
- hEncObj = (HCOSE_MAC) COSE_Decode(rgb, (int) cb, &typ, COSE_mac_object, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEncObj == NULL) goto errorReturn;
+ hEncObj = (HCOSE_MAC)COSE_Decode(
+ rgb, (int)cb, &typ, COSE_mac_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hEncObj == NULL)
+ goto errorReturn;
int iRecipient = 0;
do {
HCOSE_RECIPIENT hRecip2;
hRecip2 = COSE_Mac_GetRecipient(hEncObj, iRecipient, NULL);
- if (hRecip2 == NULL) break;
+ if (hRecip2 == NULL)
+ break;
- if (!COSE_Recipient_SetKey_secret(hRecip2, rgbSecret, sizeof(rgbSecret), NULL, 0, NULL)) goto errorReturn;
+ if (!COSE_Recipient_SetKey_secret(
+ hRecip2, rgbSecret, sizeof(rgbSecret), NULL, 0, NULL))
+ goto errorReturn;
- if (!COSE_Mac_validate(hEncObj, hRecip2, NULL)) goto errorReturn;
+ if (!COSE_Mac_validate(hEncObj, hRecip2, NULL))
+ goto errorReturn;
iRecipient += 1;
@@ -284,12 +337,14 @@
#endif
#if INCLUDE_MAC0
-int _ValidateMac0(const cn_cbor * pControl, const byte * pbEncoded, size_t cbEncoded)
+int _ValidateMac0(const cn_cbor *pControl,
+ const byte *pbEncoded,
+ size_t cbEncoded)
{
- const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
- const cn_cbor * pFail;
- const cn_cbor * pMac;
- const cn_cbor * pRecipients;
+ const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
+ const cn_cbor *pFail;
+ const cn_cbor *pMac;
+ const cn_cbor *pRecipients;
HCOSE_MAC0 hMAC;
int type;
bool fFail = false;
@@ -301,23 +356,31 @@
fFailBody = true;
}
- hMAC = (HCOSE_MAC0)COSE_Decode(pbEncoded, cbEncoded, &type, COSE_mac0_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hMAC = (HCOSE_MAC0)COSE_Decode(pbEncoded, cbEncoded, &type,
+ COSE_mac0_object, CBOR_CONTEXT_PARAM_COMMA NULL);
if (hMAC == NULL) {
- if (fFailBody) return 0; else goto errorReturn;
+ if (fFailBody)
+ return 0;
+ else
+ goto errorReturn;
}
- if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP)) goto errorReturn;
+ if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP))
+ goto errorReturn;
pMac = cn_cbor_mapget_string(pInput, "mac0");
- if ((pMac == NULL) || (pMac->type != CN_CBOR_MAP)) goto errorReturn;
+ if ((pMac == NULL) || (pMac->type != CN_CBOR_MAP))
+ goto errorReturn;
- if (!SetReceivingAttributes((HCOSE)hMAC, pMac, Attributes_MAC0_protected)) goto errorReturn;
+ if (!SetReceivingAttributes((HCOSE)hMAC, pMac, Attributes_MAC0_protected))
+ goto errorReturn;
pRecipients = cn_cbor_mapget_string(pMac, "recipients");
- if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY)) goto errorReturn;
+ if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY))
+ goto errorReturn;
pRecipients = pRecipients->first_child;
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
+ cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), true);
if (pkey == NULL) {
fFail = true;
goto exitHere;
@@ -325,33 +388,36 @@
cn_cbor *k = cn_cbor_mapget_int(pkey, -1);
- cn_cbor * alg = COSE_Mac0_map_get_int(hMAC, COSE_Header_Algorithm, COSE_BOTH, NULL);
- if (!IsAlgorithmSupported(alg)) fUnsuportedAlg = true;
+ cn_cbor *alg =
+ COSE_Mac0_map_get_int(hMAC, COSE_Header_Algorithm, COSE_BOTH, NULL);
+ if (!IsAlgorithmSupported(alg))
+ fUnsuportedAlg = true;
pFail = cn_cbor_mapget_string(pRecipients, "fail");
if (COSE_Mac0_validate(hMAC, k->v.bytes, k->length, NULL)) {
if (fUnsuportedAlg) {
fFail = true;
fUnsuportedAlg = false;
- }
- else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE)) fFail = true;
+ } else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE))
+ fFail = true;
+ } else {
+ if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE))
+ fFail = true;
+ if (fUnsuportedAlg)
+ fFail = false;
}
- else {
-
- if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE)) fFail = true;
- if (fUnsuportedAlg) fFail = false;
- }
-
-
COSE_Mac0_Free(hMAC);
if (fFailBody) {
- if (!fFail) fFail = true;
- else fFail = false;
+ if (!fFail)
+ fFail = true;
+ else
+ fFail = false;
}
exitHere:
- if (fFail) CFails += 1;
+ if (fFail)
+ CFails += 1;
return 0;
errorReturn:
@@ -359,50 +425,58 @@
return (fFail || fUnsuportedAlg) ? 0 : 1;
}
-int ValidateMac0(const cn_cbor * pControl)
+int ValidateMac0(const cn_cbor *pControl)
{
int cbEncoded;
- byte * pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
+ byte *pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
return _ValidateMac0(pControl, pbEncoded, cbEncoded);
}
-int BuildMac0Message(const cn_cbor * pControl)
+int BuildMac0Message(const cn_cbor *pControl)
{
-
//
// We don't run this for all control sequences - skip those marked fail.
//
- const cn_cbor * pFail = cn_cbor_mapget_string(pControl, "fail");
- if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE)) return 0;
+ const cn_cbor *pFail = cn_cbor_mapget_string(pControl, "fail");
+ if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE))
+ return 0;
HCOSE_MAC0 hMacObj = COSE_Mac0_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- const cn_cbor * pInputs = cn_cbor_mapget_string(pControl, "input");
- if (pInputs == NULL) goto returnError;
- const cn_cbor * pMac = cn_cbor_mapget_string(pInputs, "mac0");
- if (pMac == NULL) goto returnError;
+ const cn_cbor *pInputs = cn_cbor_mapget_string(pControl, "input");
+ if (pInputs == NULL)
+ goto returnError;
+ const cn_cbor *pMac = cn_cbor_mapget_string(pInputs, "mac0");
+ if (pMac == NULL)
+ goto returnError;
- const cn_cbor * pContent = cn_cbor_mapget_string(pInputs, "plaintext");
- if (!COSE_Mac0_SetContent(hMacObj, pContent->v.bytes, pContent->length, NULL)) goto returnError;
+ const cn_cbor *pContent = cn_cbor_mapget_string(pInputs, "plaintext");
+ if (!COSE_Mac0_SetContent(
+ hMacObj, pContent->v.bytes, pContent->length, NULL))
+ goto returnError;
- if (!SetSendingAttributes((HCOSE)hMacObj, pMac, Attributes_MAC0_protected)) goto returnError;
+ if (!SetSendingAttributes((HCOSE)hMacObj, pMac, Attributes_MAC0_protected))
+ goto returnError;
- const cn_cbor * pRecipients = cn_cbor_mapget_string(pMac, "recipients");
- if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY)) goto returnError;
+ const cn_cbor *pRecipients = cn_cbor_mapget_string(pMac, "recipients");
+ if ((pRecipients == NULL) || (pRecipients->type != CN_CBOR_ARRAY))
+ goto returnError;
pRecipients = pRecipients->first_child;
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
- if (pkey == NULL) goto returnError;
+ cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pRecipients, "key"), false);
+ if (pkey == NULL)
+ goto returnError;
- cn_cbor * k = cn_cbor_mapget_int(pkey, -1);
+ cn_cbor *k = cn_cbor_mapget_int(pkey, -1);
- if (!COSE_Mac0_encrypt(hMacObj, k->v.bytes, k->length, NULL)) goto returnError;
+ if (!COSE_Mac0_encrypt(hMacObj, k->v.bytes, k->length, NULL))
+ goto returnError;
size_t cb = COSE_Encode((HCOSE)hMacObj, NULL, 0, 0) + 1;
- byte * rgb = (byte *)malloc(cb);
+ byte *rgb = (byte *)malloc(cb);
cb = COSE_Encode((HCOSE)hMacObj, rgb, 0, cb);
COSE_Mac0_Free(hMacObj);
@@ -421,30 +495,40 @@
#if INCLUDE_MAC
void MAC_Corners()
{
- HCOSE_MAC hMAC = NULL;
- HCOSE_ENCRYPT hEncrypt = NULL;
+ HCOSE_MAC hMAC = NULL;
+ HCOSE_ENCRYPT hEncrypt = NULL;
HCOSE_RECIPIENT hRecipient = NULL;
- byte rgb[10];
- cn_cbor * cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
+ byte rgb[10];
+ cn_cbor *cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
cose_errback cose_error;
- // Missing case - addref then release on item
+ // Missing case - addref then release on item
- // Incorrect algorithm
+ // Incorrect algorithm
- hMAC = (HCOSE_MAC) COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hMAC = (HCOSE_MAC)COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- // Invalid Handle checks
+ // Invalid Handle checks
- if (COSE_Mac_SetContent((HCOSE_MAC)hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Mac_map_get_int((HCOSE_MAC)hEncrypt, 1, COSE_BOTH, NULL)) CFails++;
- if (COSE_Mac_map_put_int((HCOSE_MAC)hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL)) CFails++;
- if (COSE_Mac_encrypt((HCOSE_MAC)hEncrypt, NULL)) CFails++;
- if (COSE_Mac_validate((HCOSE_MAC)hEncrypt, (HCOSE_RECIPIENT)hMAC, NULL)) CFails++;
- if (COSE_Mac_AddRecipient((HCOSE_MAC)hEncrypt, (HCOSE_RECIPIENT)hMAC, NULL)) CFails++;
- if (COSE_Mac_GetRecipient((HCOSE_MAC)hEncrypt, 0, NULL)) CFails++;
- if (COSE_Mac_SetExternal((HCOSE_MAC)hEncrypt, rgb, 0, NULL)) CFails++;
- if (COSE_Mac_Free((HCOSE_MAC)hEncrypt)) CFails++;
+ if (COSE_Mac_SetContent((HCOSE_MAC)hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Mac_map_get_int((HCOSE_MAC)hEncrypt, 1, COSE_BOTH, NULL))
+ CFails++;
+ if (COSE_Mac_map_put_int(
+ (HCOSE_MAC)hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ if (COSE_Mac_encrypt((HCOSE_MAC)hEncrypt, NULL))
+ CFails++;
+ if (COSE_Mac_validate((HCOSE_MAC)hEncrypt, (HCOSE_RECIPIENT)hMAC, NULL))
+ CFails++;
+ if (COSE_Mac_AddRecipient((HCOSE_MAC)hEncrypt, (HCOSE_RECIPIENT)hMAC, NULL))
+ CFails++;
+ if (COSE_Mac_GetRecipient((HCOSE_MAC)hEncrypt, 0, NULL))
+ CFails++;
+ if (COSE_Mac_SetExternal((HCOSE_MAC)hEncrypt, rgb, 0, NULL))
+ CFails++;
+ if (COSE_Mac_Free((HCOSE_MAC)hEncrypt))
+ CFails++;
#if INCLUDE_ENCRYPT0
hEncrypt = COSE_Encrypt_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
@@ -452,38 +536,66 @@
hEncrypt = (HCOSE_ENCRYPT)COSE_CALLOC(1, sizeof(COSE), context);
#endif
- if (COSE_Mac_SetContent((HCOSE_MAC)hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Mac_map_get_int((HCOSE_MAC)hEncrypt, 1, COSE_BOTH, NULL)) CFails++;
- if (COSE_Mac_map_put_int((HCOSE_MAC)hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL)) CFails++;
- if (COSE_Mac_encrypt((HCOSE_MAC)hEncrypt, NULL)) CFails++;
- if (COSE_Mac_validate((HCOSE_MAC)hEncrypt, (HCOSE_RECIPIENT)hMAC, NULL)) CFails++;
- if (COSE_Mac_AddRecipient((HCOSE_MAC)hEncrypt, (HCOSE_RECIPIENT)hMAC, NULL)) CFails++;
- if (COSE_Mac_GetRecipient((HCOSE_MAC)hEncrypt, 0, NULL)) CFails++;
- if (COSE_Mac_SetExternal((HCOSE_MAC)hEncrypt, rgb, 0, NULL)) CFails++;
- if (COSE_Mac_Free((HCOSE_MAC)hEncrypt)) CFails++;
+ if (COSE_Mac_SetContent((HCOSE_MAC)hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Mac_map_get_int((HCOSE_MAC)hEncrypt, 1, COSE_BOTH, NULL))
+ CFails++;
+ if (COSE_Mac_map_put_int(
+ (HCOSE_MAC)hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ if (COSE_Mac_encrypt((HCOSE_MAC)hEncrypt, NULL))
+ CFails++;
+ if (COSE_Mac_validate((HCOSE_MAC)hEncrypt, (HCOSE_RECIPIENT)hMAC, NULL))
+ CFails++;
+ if (COSE_Mac_AddRecipient((HCOSE_MAC)hEncrypt, (HCOSE_RECIPIENT)hMAC, NULL))
+ CFails++;
+ if (COSE_Mac_GetRecipient((HCOSE_MAC)hEncrypt, 0, NULL))
+ CFails++;
+ if (COSE_Mac_SetExternal((HCOSE_MAC)hEncrypt, rgb, 0, NULL))
+ CFails++;
+ if (COSE_Mac_Free((HCOSE_MAC)hEncrypt))
+ CFails++;
- //
+ //
// Unsupported algorithm
hMAC = COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hMAC == NULL) CFails++;
- if (!COSE_Mac_SetContent(hMAC, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Mac_map_put_int(hMAC, COSE_Header_Algorithm, cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- hRecipient = COSE_Recipient_from_shared_secret(rgb, sizeof(rgb), rgb, sizeof(rgb), CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hRecipient == NULL) CFails++;
- if (!COSE_Mac_AddRecipient(hMAC, hRecipient, NULL)) CFails++;
- CHECK_FAILURE(COSE_Mac_encrypt(hMAC, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (hMAC == NULL)
+ CFails++;
+ if (!COSE_Mac_SetContent(hMAC, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Mac_map_put_int(hMAC, COSE_Header_Algorithm,
+ cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ hRecipient = COSE_Recipient_from_shared_secret(
+ rgb, sizeof(rgb), rgb, sizeof(rgb), CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hRecipient == NULL)
+ CFails++;
+ if (!COSE_Mac_AddRecipient(hMAC, hRecipient, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Mac_encrypt(hMAC, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Mac_Free(hMAC);
COSE_Recipient_Free(hRecipient);
hMAC = COSE_Mac_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hMAC == NULL) CFails++;
- if (!COSE_Mac_SetContent(hMAC, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Mac_map_put_int(hMAC, COSE_Header_Algorithm, cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- hRecipient = COSE_Recipient_from_shared_secret(rgb, sizeof(rgb), rgb, sizeof(rgb), CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hRecipient == NULL) CFails++;
- if (!COSE_Mac_AddRecipient(hMAC, hRecipient, NULL)) CFails++;
- CHECK_FAILURE(COSE_Mac_encrypt(hMAC, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (hMAC == NULL)
+ CFails++;
+ if (!COSE_Mac_SetContent(hMAC, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Mac_map_put_int(hMAC, COSE_Header_Algorithm,
+ cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ hRecipient = COSE_Recipient_from_shared_secret(
+ rgb, sizeof(rgb), rgb, sizeof(rgb), CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hRecipient == NULL)
+ CFails++;
+ if (!COSE_Mac_AddRecipient(hMAC, hRecipient, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Mac_encrypt(hMAC, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Recipient_Free(hRecipient);
COSE_Mac_Free(hMAC);
@@ -499,7 +611,7 @@
HCOSE_ENCRYPT hEncrypt = NULL;
HCOSE_MAC0 hMAC = NULL;
byte rgb[10];
- cn_cbor * cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
cose_errback cose_error;
hEncrypt = COSE_Encrypt_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
@@ -508,40 +620,68 @@
// Invalid Handle checks
- if (COSE_Mac0_SetContent((HCOSE_MAC0)hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Mac0_map_get_int((HCOSE_MAC0)hEncrypt, 1, COSE_BOTH, NULL)) CFails++;
- if (COSE_Mac0_map_put_int((HCOSE_MAC0)hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL)) CFails++;
- if (COSE_Mac0_encrypt((HCOSE_MAC0)hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Mac0_validate((HCOSE_MAC0)hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Mac0_SetExternal((HCOSE_MAC0)hEncrypt, rgb, 0, NULL)) CFails++;
- if (COSE_Mac0_Free((HCOSE_MAC0)hEncrypt)) CFails++;
+ if (COSE_Mac0_SetContent((HCOSE_MAC0)hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Mac0_map_get_int((HCOSE_MAC0)hEncrypt, 1, COSE_BOTH, NULL))
+ CFails++;
+ if (COSE_Mac0_map_put_int(
+ (HCOSE_MAC0)hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ if (COSE_Mac0_encrypt((HCOSE_MAC0)hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Mac0_validate((HCOSE_MAC0)hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Mac0_SetExternal((HCOSE_MAC0)hEncrypt, rgb, 0, NULL))
+ CFails++;
+ if (COSE_Mac0_Free((HCOSE_MAC0)hEncrypt))
+ CFails++;
hEncrypt = COSE_Encrypt_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (COSE_Mac0_SetContent((HCOSE_MAC0)hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Mac0_map_get_int((HCOSE_MAC0)hEncrypt, 1, COSE_BOTH, NULL)) CFails++;
- if (COSE_Mac0_map_put_int((HCOSE_MAC0)hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL)) CFails++;
- if (COSE_Mac0_encrypt((HCOSE_MAC0)hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Mac0_validate((HCOSE_MAC0)hEncrypt, rgb, 10, NULL)) CFails++;
- if (COSE_Mac0_SetExternal((HCOSE_MAC0)hEncrypt, rgb, 0, NULL)) CFails++;
+ if (COSE_Mac0_SetContent((HCOSE_MAC0)hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Mac0_map_get_int((HCOSE_MAC0)hEncrypt, 1, COSE_BOTH, NULL))
+ CFails++;
+ if (COSE_Mac0_map_put_int(
+ (HCOSE_MAC0)hEncrypt, 1, cn, COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ if (COSE_Mac0_encrypt((HCOSE_MAC0)hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Mac0_validate((HCOSE_MAC0)hEncrypt, rgb, 10, NULL))
+ CFails++;
+ if (COSE_Mac0_SetExternal((HCOSE_MAC0)hEncrypt, rgb, 0, NULL))
+ CFails++;
- if (COSE_Mac0_Free((HCOSE_MAC0)hEncrypt)) CFails++;
+ if (COSE_Mac0_Free((HCOSE_MAC0)hEncrypt))
+ CFails++;
//
// Unsupported algorithm
hMAC = COSE_Mac0_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hMAC == NULL) CFails++;
- if (!COSE_Mac0_SetContent(hMAC, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Mac0_map_put_int(hMAC, COSE_Header_Algorithm, cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- CHECK_FAILURE(COSE_Mac0_encrypt(hMAC, rgb, sizeof(rgb), &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (hMAC == NULL)
+ CFails++;
+ if (!COSE_Mac0_SetContent(hMAC, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Mac0_map_put_int(hMAC, COSE_Header_Algorithm,
+ cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Mac0_encrypt(hMAC, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Mac0_Free(hMAC);
hMAC = COSE_Mac0_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hMAC == NULL) CFails++;
- if (!COSE_Mac0_SetContent(hMAC, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Mac0_map_put_int(hMAC, COSE_Header_Algorithm, cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- CHECK_FAILURE(COSE_Mac0_encrypt(hMAC, rgb, sizeof(rgb), &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (hMAC == NULL)
+ CFails++;
+ if (!COSE_Mac0_SetContent(hMAC, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Mac0_map_put_int(hMAC, COSE_Header_Algorithm,
+ cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Mac0_encrypt(hMAC, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Mac0_Free(hMAC);
}
#endif
diff --git a/test/sign.c b/test/sign.c
index 008caaa..22a949d 100644
--- a/test/sign.c
+++ b/test/sign.c
@@ -8,7 +8,8 @@
#include <cose/cose.h>
#include <cose/cose_configure.h>
#include <cn-cbor/cn-cbor.h>
-#if (INCLUDE_SIGN && !(INCLUDE_SIGN1 || INCLUDE_ENCRYPT || INCLUDE_MAC)) || (INCLUDE_SIGN1 && !INCLUDE_SIGN)
+#if (INCLUDE_SIGN && !(INCLUDE_SIGN1 || INCLUDE_ENCRYPT || INCLUDE_MAC)) || \
+ (INCLUDE_SIGN1 && !INCLUDE_SIGN)
#include <cose_int.h>
#endif
@@ -17,17 +18,19 @@
#include "context.h"
#ifdef _MSC_VER
-#pragma warning (disable: 4127)
+#pragma warning(disable : 4127)
#endif
#if INCLUDE_SIGN
-int _ValidateSigned(const cn_cbor * pControl, const byte * pbEncoded, size_t cbEncoded)
+int _ValidateSigned(const cn_cbor *pControl,
+ const byte *pbEncoded,
+ size_t cbEncoded)
{
- const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
- const cn_cbor * pFail;
- const cn_cbor * pSign;
- const cn_cbor * pSigners;
- HCOSE_SIGN hSig;
+ const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
+ const cn_cbor *pFail;
+ const cn_cbor *pSign;
+ const cn_cbor *pSigners;
+ HCOSE_SIGN hSig;
int type;
int iSigner;
bool fFail = false;
@@ -39,24 +42,32 @@
fFailBody = true;
}
- if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP)) goto returnError;
+ if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP))
+ goto returnError;
pSign = cn_cbor_mapget_string(pInput, "sign");
- if ((pSign == NULL) || (pSign->type != CN_CBOR_MAP)) goto returnError;
+ if ((pSign == NULL) || (pSign->type != CN_CBOR_MAP))
+ goto returnError;
pSigners = cn_cbor_mapget_string(pSign, "signers");
- if ((pSigners == NULL) || (pSigners->type != CN_CBOR_ARRAY)) goto returnError;
+ if ((pSigners == NULL) || (pSigners->type != CN_CBOR_ARRAY))
+ goto returnError;
- iSigner = (int) pSigners->length - 1;
+ iSigner = (int)pSigners->length - 1;
pSigners = pSigners->first_child;
for (; pSigners != NULL; iSigner--, pSigners = pSigners->next) {
-
- hSig = (HCOSE_SIGN)COSE_Decode(pbEncoded, cbEncoded, &type, COSE_sign_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hSig = (HCOSE_SIGN)COSE_Decode(pbEncoded, cbEncoded, &type,
+ COSE_sign_object, CBOR_CONTEXT_PARAM_COMMA NULL);
if (hSig == NULL) {
- if (fFailBody) return 0; else goto returnError;
+ if (fFailBody)
+ return 0;
+ else
+ goto returnError;
}
- if (!SetReceivingAttributes((HCOSE)hSig, pSign, Attributes_Sign_protected)) goto returnError;
+ if (!SetReceivingAttributes(
+ (HCOSE)hSig, pSign, Attributes_Sign_protected))
+ goto returnError;
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pSigners, "key"), false);
+ cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pSigners, "key"), false);
if (pkey == NULL) {
fFail = true;
continue;
@@ -67,29 +78,32 @@
fFail = true;
continue;
}
- if (!SetReceivingAttributes((HCOSE)hSigner, pSigners, Attributes_Signer_protected)) goto returnError;
+ if (!SetReceivingAttributes(
+ (HCOSE)hSigner, pSigners, Attributes_Signer_protected))
+ goto returnError;
if (!COSE_Signer_SetKey(hSigner, pkey, NULL)) {
fFail = true;
continue;
}
- cn_cbor * alg = COSE_Signer_map_get_int(hSigner, COSE_Header_Algorithm, COSE_BOTH, 0);
- if (!IsAlgorithmSupported(alg)) fNoSupportAlg = true;
+ cn_cbor *alg = COSE_Signer_map_get_int(
+ hSigner, COSE_Header_Algorithm, COSE_BOTH, 0);
+ if (!IsAlgorithmSupported(alg))
+ fNoSupportAlg = true;
pFail = cn_cbor_mapget_string(pSigners, "fail");
if (COSE_Sign_validate(hSig, hSigner, NULL)) {
if (fNoSupportAlg) {
fFail = true;
- }
- else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE)) fFail = true;
- }
- else {
+ } else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE))
+ fFail = true;
+ } else {
if (fNoSupportAlg) {
fFailBody = false;
fFail = false;
- }
- else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE)) fFail = true;
+ } else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE))
+ fFail = true;
}
COSE_Sign_Free(hSig);
@@ -97,11 +111,14 @@
}
if (fFailBody) {
- if (!fFail) fFail = true;
- else fFail = false;
+ if (!fFail)
+ fFail = true;
+ else
+ fFail = false;
}
- if (fFail) CFails += 1;
+ if (fFail)
+ CFails += 1;
return fNoSupportAlg ? 0 : 1;
returnError:
@@ -109,15 +126,15 @@
return 0;
}
-int ValidateSigned(const cn_cbor * pControl)
+int ValidateSigned(const cn_cbor *pControl)
{
int cbEncoded;
- byte * pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
+ byte *pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
return _ValidateSigned(pControl, pbEncoded, cbEncoded);
}
-int BuildSignedMessage(const cn_cbor * pControl)
+int BuildSignedMessage(const cn_cbor *pControl)
{
int iSigner;
@@ -125,45 +142,60 @@
// We don't run this for all control sequences - skip those marked fail.
//
- const cn_cbor * pFail = cn_cbor_mapget_string(pControl, "fail");
- if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE)) return 0;
+ const cn_cbor *pFail = cn_cbor_mapget_string(pControl, "fail");
+ if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE))
+ return 0;
HCOSE_SIGN hSignObj = COSE_Sign_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- const cn_cbor * pInputs = cn_cbor_mapget_string(pControl, "input");
- if (pInputs == NULL) goto returnError;
- const cn_cbor * pSign = cn_cbor_mapget_string(pInputs, "sign");
- if (pSign == NULL) goto returnError;
+ const cn_cbor *pInputs = cn_cbor_mapget_string(pControl, "input");
+ if (pInputs == NULL)
+ goto returnError;
+ const cn_cbor *pSign = cn_cbor_mapget_string(pInputs, "sign");
+ if (pSign == NULL)
+ goto returnError;
- const cn_cbor * pContent = cn_cbor_mapget_string(pInputs, "plaintext");
- if (!COSE_Sign_SetContent(hSignObj, pContent->v.bytes, pContent->length, NULL)) goto returnError;
+ const cn_cbor *pContent = cn_cbor_mapget_string(pInputs, "plaintext");
+ if (!COSE_Sign_SetContent(
+ hSignObj, pContent->v.bytes, pContent->length, NULL))
+ goto returnError;
- if (!SetSendingAttributes((HCOSE)hSignObj, pSign, Attributes_Sign_protected)) goto returnError;
+ if (!SetSendingAttributes(
+ (HCOSE)hSignObj, pSign, Attributes_Sign_protected))
+ goto returnError;
- const cn_cbor * pSigners = cn_cbor_mapget_string(pSign, "signers");
- if ((pSigners == NULL) || (pSigners->type != CN_CBOR_ARRAY)) goto returnError;
+ const cn_cbor *pSigners = cn_cbor_mapget_string(pSign, "signers");
+ if ((pSigners == NULL) || (pSigners->type != CN_CBOR_ARRAY))
+ goto returnError;
pSigners = pSigners->first_child;
for (iSigner = 0; pSigners != NULL; iSigner++, pSigners = pSigners->next) {
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pSigners, "key"), false);
- if (pkey == NULL) goto returnError;
+ cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pSigners, "key"), false);
+ if (pkey == NULL)
+ goto returnError;
HCOSE_SIGNER hSigner = COSE_Signer_Init(CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hSigner == NULL) goto returnError;
+ if (hSigner == NULL)
+ goto returnError;
- if (!SetSendingAttributes((HCOSE)hSigner, pSigners, Attributes_Signer_protected)) goto returnError;
+ if (!SetSendingAttributes(
+ (HCOSE)hSigner, pSigners, Attributes_Signer_protected))
+ goto returnError;
- if (!COSE_Signer_SetKey(hSigner, pkey, NULL)) goto returnError;
+ if (!COSE_Signer_SetKey(hSigner, pkey, NULL))
+ goto returnError;
- if (!COSE_Sign_AddSigner(hSignObj, hSigner, NULL)) goto returnError;
+ if (!COSE_Sign_AddSigner(hSignObj, hSigner, NULL))
+ goto returnError;
COSE_Signer_Free(hSigner);
}
- if (!COSE_Sign_Sign(hSignObj, NULL)) goto returnError;
+ if (!COSE_Sign_Sign(hSignObj, NULL))
+ goto returnError;
size_t cb = COSE_Encode((HCOSE)hSignObj, NULL, 0, 0) + 1;
- byte * rgb = (byte *)malloc(cb);
+ byte *rgb = (byte *)malloc(cb);
cb = COSE_Encode((HCOSE)hSignObj, rgb, 0, cb);
COSE_Sign_Free(hSignObj);
@@ -178,29 +210,50 @@
return 1;
}
-
int SignMessage()
{
HCOSE_SIGN hEncObj = COSE_Sign_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- char * sz = "This is the content to be used";
+ char *sz = "This is the content to be used";
size_t cb;
- byte * rgb;
+ byte *rgb;
- byte rgbX[] = { 0x65, 0xed, 0xa5, 0xa1, 0x25, 0x77, 0xc2, 0xba, 0xe8, 0x29, 0x43, 0x7f, 0xe3, 0x38, 0x70, 0x1a, 0x10, 0xaa, 0xa3, 0x75, 0xe1, 0xbb, 0x5b, 0x5d, 0xe1, 0x08, 0xde, 0x43, 0x9c, 0x08, 0x55, 0x1d };
- byte rgbY[] = { 0x1e, 0x52, 0xed, 0x75, 0x70, 0x11, 0x63, 0xf7, 0xf9, 0xe4, 0x0d, 0xdf, 0x9f, 0x34, 0x1b, 0x3d, 0xc9, 0xba, 0x86, 0x0a, 0xf7, 0xe0, 0xca, 0x7c, 0xa7, 0xe9, 0xee, 0xcd, 0x00, 0x84, 0xd1, 0x9c };
- byte kid[] = { 0x6d, 0x65, 0x72, 0x69, 0x61, 0x64, 0x6f, 0x63, 0x2e, 0x62, 0x72, 0x61, 0x6e, 0x64, 0x79, 0x62, 0x75, 0x63, 0x6, 0xb4, 0x06, 0x27, 0x56, 0x36, 0xb6, 0xc6, 0x16, 0xe6, 0x42, 0xe6, 0x57, 0x86, 0x16, 0xd7, 0x06, 0x65};
- byte rgbD[] = {0xaf, 0xf9, 0x07, 0xc9, 0x9f, 0x9a, 0xd3, 0xaa, 0xe6, 0xc4, 0xcd, 0xf2, 0x11, 0x22, 0xbc, 0xe2, 0xbd, 0x68, 0xb5, 0x28, 0x3e, 0x69, 0x07, 0x15, 0x4a, 0xd9, 0x11, 0x84, 0x0f, 0xa2, 0x08, 0xcf};
+ byte rgbX[] = {0x65, 0xed, 0xa5, 0xa1, 0x25, 0x77, 0xc2, 0xba, 0xe8, 0x29,
+ 0x43, 0x7f, 0xe3, 0x38, 0x70, 0x1a, 0x10, 0xaa, 0xa3, 0x75, 0xe1, 0xbb,
+ 0x5b, 0x5d, 0xe1, 0x08, 0xde, 0x43, 0x9c, 0x08, 0x55, 0x1d};
+ byte rgbY[] = {0x1e, 0x52, 0xed, 0x75, 0x70, 0x11, 0x63, 0xf7, 0xf9, 0xe4,
+ 0x0d, 0xdf, 0x9f, 0x34, 0x1b, 0x3d, 0xc9, 0xba, 0x86, 0x0a, 0xf7, 0xe0,
+ 0xca, 0x7c, 0xa7, 0xe9, 0xee, 0xcd, 0x00, 0x84, 0xd1, 0x9c};
+ byte kid[] = {0x6d, 0x65, 0x72, 0x69, 0x61, 0x64, 0x6f, 0x63, 0x2e, 0x62,
+ 0x72, 0x61, 0x6e, 0x64, 0x79, 0x62, 0x75, 0x63, 0x6, 0xb4, 0x06, 0x27,
+ 0x56, 0x36, 0xb6, 0xc6, 0x16, 0xe6, 0x42, 0xe6, 0x57, 0x86, 0x16, 0xd7,
+ 0x06, 0x65};
+ byte rgbD[] = {0xaf, 0xf9, 0x07, 0xc9, 0x9f, 0x9a, 0xd3, 0xaa, 0xe6, 0xc4,
+ 0xcd, 0xf2, 0x11, 0x22, 0xbc, 0xe2, 0xbd, 0x68, 0xb5, 0x28, 0x3e, 0x69,
+ 0x07, 0x15, 0x4a, 0xd9, 0x11, 0x84, 0x0f, 0xa2, 0x08, 0xcf};
- cn_cbor * pkey = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA NULL);
- cn_cbor_mapput_int(pkey, COSE_Key_Type, cn_cbor_int_create(COSE_Key_Type_EC2, CBOR_CONTEXT_PARAM_COMMA NULL), CBOR_CONTEXT_PARAM_COMMA NULL);
- cn_cbor_mapput_int(pkey, -1, cn_cbor_int_create(1, CBOR_CONTEXT_PARAM_COMMA NULL), CBOR_CONTEXT_PARAM_COMMA NULL);
- cn_cbor_mapput_int(pkey, -2, cn_cbor_data_create(rgbX, sizeof(rgbX), CBOR_CONTEXT_PARAM_COMMA NULL), CBOR_CONTEXT_PARAM_COMMA NULL);
- cn_cbor_mapput_int(pkey, -3, cn_cbor_data_create(rgbY, sizeof(rgbY), CBOR_CONTEXT_PARAM_COMMA NULL), CBOR_CONTEXT_PARAM_COMMA NULL);
- cn_cbor_mapput_int(pkey, COSE_Key_ID, cn_cbor_data_create(kid, sizeof(kid), CBOR_CONTEXT_PARAM_COMMA NULL), CBOR_CONTEXT_PARAM_COMMA NULL);
- cn_cbor_mapput_int(pkey, -4, cn_cbor_data_create(rgbD, sizeof(rgbD), CBOR_CONTEXT_PARAM_COMMA NULL), CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *pkey = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor_mapput_int(pkey, COSE_Key_Type,
+ cn_cbor_int_create(COSE_Key_Type_EC2, CBOR_CONTEXT_PARAM_COMMA NULL),
+ CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor_mapput_int(pkey, -1,
+ cn_cbor_int_create(1, CBOR_CONTEXT_PARAM_COMMA NULL),
+ CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor_mapput_int(pkey, -2,
+ cn_cbor_data_create(rgbX, sizeof(rgbX), CBOR_CONTEXT_PARAM_COMMA NULL),
+ CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor_mapput_int(pkey, -3,
+ cn_cbor_data_create(rgbY, sizeof(rgbY), CBOR_CONTEXT_PARAM_COMMA NULL),
+ CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor_mapput_int(pkey, COSE_Key_ID,
+ cn_cbor_data_create(kid, sizeof(kid), CBOR_CONTEXT_PARAM_COMMA NULL),
+ CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor_mapput_int(pkey, -4,
+ cn_cbor_data_create(rgbD, sizeof(rgbD), CBOR_CONTEXT_PARAM_COMMA NULL),
+ CBOR_CONTEXT_PARAM_COMMA NULL);
- COSE_Sign_SetContent(hEncObj, (byte *) sz, strlen(sz), NULL);
- COSE_Signer_Free(COSE_Sign_add_signer(hEncObj, pkey, COSE_Algorithm_ECDSA_SHA_256, NULL));
+ COSE_Sign_SetContent(hEncObj, (byte *)sz, strlen(sz), NULL);
+ COSE_Signer_Free(COSE_Sign_add_signer(
+ hEncObj, pkey, COSE_Algorithm_ECDSA_SHA_256, NULL));
COSE_Sign_Sign(hEncObj, NULL);
@@ -210,7 +263,7 @@
COSE_Sign_Free(hEncObj);
- FILE * fp = fopen("test.mac.cbor", "wb");
+ FILE *fp = fopen("test.mac.cbor", "wb");
fwrite(rgb, cb, 1, fp);
fclose(fp);
@@ -228,7 +281,8 @@
/* */
int typ;
- hEncObj = (HCOSE_SIGN)COSE_Decode(rgb, (int)cb, &typ, COSE_sign_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hEncObj = (HCOSE_SIGN)COSE_Decode(
+ rgb, (int)cb, &typ, COSE_sign_object, CBOR_CONTEXT_PARAM_COMMA NULL);
#if 0
int iSigner = 0;
@@ -254,12 +308,14 @@
#endif
#if INCLUDE_SIGN1
-int _ValidateSign1(const cn_cbor * pControl, const byte * pbEncoded, size_t cbEncoded)
+int _ValidateSign1(const cn_cbor *pControl,
+ const byte *pbEncoded,
+ size_t cbEncoded)
{
- const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
- const cn_cbor * pFail;
- const cn_cbor * pSign;
- HCOSE_SIGN1 hSig;
+ const cn_cbor *pInput = cn_cbor_mapget_string(pControl, "input");
+ const cn_cbor *pFail;
+ const cn_cbor *pSign;
+ HCOSE_SIGN1 hSig;
int type;
bool fFail = false;
bool fFailBody = false;
@@ -270,51 +326,62 @@
fFailBody = true;
}
- if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP)) goto returnError;
+ if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP))
+ goto returnError;
pSign = cn_cbor_mapget_string(pInput, "sign0");
- if ((pSign == NULL) || (pSign->type != CN_CBOR_MAP)) goto returnError;
+ if ((pSign == NULL) || (pSign->type != CN_CBOR_MAP))
+ goto returnError;
- hSig = (HCOSE_SIGN1)COSE_Decode(pbEncoded, cbEncoded, &type, COSE_sign1_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hSig = (HCOSE_SIGN1)COSE_Decode(pbEncoded, cbEncoded, &type,
+ COSE_sign1_object, CBOR_CONTEXT_PARAM_COMMA NULL);
if (hSig == NULL) {
- if (fFailBody) return 0; else goto returnError;
+ if (fFailBody)
+ return 0;
+ else
+ goto returnError;
}
- if (!SetReceivingAttributes((HCOSE)hSig, pSign, Attributes_Sign1_protected)) goto returnError;
+ if (!SetReceivingAttributes((HCOSE)hSig, pSign, Attributes_Sign1_protected))
+ goto returnError;
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pSign, "key"), false);
+ cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pSign, "key"), false);
if (pkey == NULL) {
fFail = true;
goto exitHere;
}
- cn_cbor * alg = COSE_Sign1_map_get_int(hSig, COSE_Header_Algorithm, COSE_BOTH, NULL);
- if (!IsAlgorithmSupported(alg)) fNoAlgSupport = true;
+ cn_cbor *alg =
+ COSE_Sign1_map_get_int(hSig, COSE_Header_Algorithm, COSE_BOTH, NULL);
+ if (!IsAlgorithmSupported(alg))
+ fNoAlgSupport = true;
pFail = cn_cbor_mapget_string(pInput, "fail");
if (COSE_Sign1_validate(hSig, pkey, NULL)) {
if (fNoAlgSupport) {
fFail = true;
- }
- else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE)) fFail = true;
- }
- else {
+ } else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE))
+ fFail = true;
+ } else {
if (fNoAlgSupport) {
fFailBody = false;
fFail = false;
- }
- else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE)) fFail = true;
+ } else if ((pFail == NULL) || (pFail->type == CN_CBOR_FALSE))
+ fFail = true;
}
COSE_Sign1_Free(hSig);
if (fFailBody) {
- if (!fFail) fFail = true;
- else fFail = false;
+ if (!fFail)
+ fFail = true;
+ else
+ fFail = false;
}
exitHere:
- if (fFail) CFails += 1;
+ if (fFail)
+ CFails += 1;
return fNoAlgSupport ? 0 : 1;
returnError:
@@ -322,43 +389,51 @@
return 0;
}
-int ValidateSign1(const cn_cbor * pControl)
+int ValidateSign1(const cn_cbor *pControl)
{
int cbEncoded = 0;
- byte * pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
+ byte *pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
return _ValidateSign1(pControl, pbEncoded, cbEncoded);
}
-int BuildSign1Message(const cn_cbor * pControl)
+int BuildSign1Message(const cn_cbor *pControl)
{
//
// We don't run this for all control sequences - skip those marked fail.
//
- const cn_cbor * pFail = cn_cbor_mapget_string(pControl, "fail");
- if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE)) return 0;
+ const cn_cbor *pFail = cn_cbor_mapget_string(pControl, "fail");
+ if ((pFail != NULL) && (pFail->type == CN_CBOR_TRUE))
+ return 0;
HCOSE_SIGN1 hSignObj = COSE_Sign1_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- const cn_cbor * pInputs = cn_cbor_mapget_string(pControl, "input");
- if (pInputs == NULL) goto returnError;
- const cn_cbor * pSign = cn_cbor_mapget_string(pInputs, "sign0");
- if (pSign == NULL) goto returnError;
+ const cn_cbor *pInputs = cn_cbor_mapget_string(pControl, "input");
+ if (pInputs == NULL)
+ goto returnError;
+ const cn_cbor *pSign = cn_cbor_mapget_string(pInputs, "sign0");
+ if (pSign == NULL)
+ goto returnError;
- const cn_cbor * pContent = cn_cbor_mapget_string(pInputs, "plaintext");
- if (!COSE_Sign1_SetContent(hSignObj, pContent->v.bytes, pContent->length, NULL)) goto returnError;
+ const cn_cbor *pContent = cn_cbor_mapget_string(pInputs, "plaintext");
+ if (!COSE_Sign1_SetContent(
+ hSignObj, pContent->v.bytes, pContent->length, NULL))
+ goto returnError;
- if (!SetSendingAttributes((HCOSE)hSignObj, pSign, Attributes_Sign1_protected)) goto returnError;
+ if (!SetSendingAttributes(
+ (HCOSE)hSignObj, pSign, Attributes_Sign1_protected))
+ goto returnError;
- cn_cbor * pkey = BuildKey(cn_cbor_mapget_string(pSign, "key"), false);
- if (pkey == NULL) goto returnError;
+ cn_cbor *pkey = BuildKey(cn_cbor_mapget_string(pSign, "key"), false);
+ if (pkey == NULL)
+ goto returnError;
-
- if (!COSE_Sign1_Sign(hSignObj, pkey, NULL)) goto returnError;
+ if (!COSE_Sign1_Sign(hSignObj, pkey, NULL))
+ goto returnError;
size_t cb = COSE_Encode((HCOSE)hSignObj, NULL, 0, 0) + 1;
- byte * rgb = (byte *)malloc(cb);
+ byte *rgb = (byte *)malloc(cb);
cb = COSE_Encode((HCOSE)hSignObj, rgb, 0, cb);
COSE_Sign1_Free(hSignObj);
@@ -384,19 +459,20 @@
HCOSE_SIGNER hSignerBad;
HCOSE_SIGNER hSignerNULL = NULL;
byte rgb[10];
- cn_cbor * cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
cose_errback cose_error;
- hSign = COSE_Sign_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hSign = COSE_Sign_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
#if INCLUDE_SIGN1
hSignBad = (HCOSE_SIGN)COSE_Sign1_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
#else
hSignBad = (HCOSE_SIGN)COSE_CALLOC(1, sizeof(COSE), context);
#endif
- hSigner = COSE_Signer_Init(CBOR_CONTEXT_PARAM_COMMA NULL);
+ hSigner = COSE_Signer_Init(CBOR_CONTEXT_PARAM_COMMA NULL);
#if INCLUDE_ENCRYPT || INCLUDE_MAC
- hSignerBad = (HCOSE_SIGNER)COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
+ hSignerBad =
+ (HCOSE_SIGNER)COSE_Recipient_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
#else
hSignerBad = (HCOSE_SIGNER)COSE_CALLOC(1, sizeof(COSE), context);
#endif
@@ -409,56 +485,108 @@
// wrong type of handle
// Null handle checks
- CHECK_FAILURE(COSE_Sign_SetContent(hSignNULL, rgb, sizeof(rgb), &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_SetContent(hSignBad, rgb, sizeof(rgb), &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_SetContent(hSign, NULL, sizeof(rgb), &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(
+ COSE_Sign_SetContent(hSignNULL, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_SetContent(hSignBad, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_SetContent(hSign, NULL, sizeof(rgb), &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign_map_get_int(hSignNULL, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_map_get_int(hSignBad, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_map_get_int(hSign, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign_map_get_int(hSignNULL, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_map_get_int(hSignBad, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_map_get_int(hSign, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign_map_put_int(hSignNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_map_put_int(hSignBad, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_map_put_int(hSign, 1, NULL, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign_map_put_int(hSign, 1, cn, COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(
+ COSE_Sign_map_put_int(hSignNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Sign_map_put_int(hSignBad, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Sign_map_put_int(hSign, 1, NULL, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign_map_put_int(hSign, 1, cn,
+ COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign_AddSigner(hSignNULL, hSigner, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_AddSigner(hSignBad, hSigner, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_AddSigner(hSign, hSignerNULL, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_AddSigner(hSign, hSignerBad, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_RETURN(COSE_Sign_AddSigner(hSign, hSigner, &cose_error), COSE_ERR_NONE, CFails++);
+ CHECK_FAILURE(COSE_Sign_AddSigner(hSignNULL, hSigner, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_AddSigner(hSignBad, hSigner, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_AddSigner(hSign, hSignerNULL, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_AddSigner(hSign, hSignerBad, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_RETURN(COSE_Sign_AddSigner(hSign, hSigner, &cose_error),
+ COSE_ERR_NONE, CFails++);
- CHECK_FAILURE(COSE_Sign_add_signer(hSignNULL, cn, 0, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_add_signer(hSignBad, cn, 0, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_add_signer(hSign, NULL, 0, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign_add_signer(hSignNULL, cn, 0, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_add_signer(hSignBad, cn, 0, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_add_signer(hSign, NULL, 0, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign_GetSigner(hSignNULL, 1, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_GetSigner(hSignBad, 1, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_GetSigner(hSign, 2, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign_GetSigner(hSignNULL, 1, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_GetSigner(hSignBad, 1, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_GetSigner(hSign, 2, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign_Sign(hSignNULL, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_Sign(hSignBad, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_Sign(hSignNULL, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_Sign(hSignBad, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_validate(hSignNULL, hSigner, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_validate(hSignBad, hSigner, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_validate(hSign, hSignerNULL, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign_validate(hSign, hSignerBad, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_validate(hSignNULL, hSigner, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_validate(hSignBad, hSigner, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_validate(hSign, hSignerNULL, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign_validate(hSign, hSignerBad, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Signer_SetKey(hSignerNULL, cn, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Signer_SetKey(hSignerBad, cn, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Signer_SetKey(hSigner, NULL, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Signer_SetKey(hSignerNULL, cn, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Signer_SetKey(hSignerBad, cn, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Signer_SetKey(hSigner, NULL, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Signer_map_get_int(hSignerNULL, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Signer_map_get_int(hSignerBad, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Signer_map_get_int(hSigner, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(
+ COSE_Signer_map_get_int(hSignerNULL, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Signer_map_get_int(hSignerBad, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Signer_map_get_int(hSigner, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Signer_map_put_int(hSignerNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Signer_map_put_int(hSignerBad, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Signer_map_put_int(hSigner, 1, NULL, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Signer_map_put_int(hSigner, 1, cn, COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Signer_map_put_int(
+ hSignerNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Signer_map_put_int(
+ hSignerBad, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Signer_map_put_int(
+ hSigner, 1, NULL, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Signer_map_put_int(hSigner, 1, cn,
+ COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Signer_SetExternal(hSignerNULL, rgb, sizeof(rgb), &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Signer_SetExternal(hSignerBad, rgb, sizeof(rgb), &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Signer_SetExternal(hSignerNULL, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Signer_SetExternal(hSignerBad, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
COSE_Sign_Free(hSign);
COSE_Signer_Free(hSigner);
@@ -466,34 +594,54 @@
// Unsupported algorithm
hSign = COSE_Sign_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hSign == NULL) CFails++;
+ if (hSign == NULL)
+ CFails++;
hSigner = COSE_Signer_Init(CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hSigner == NULL) CFails++;
+ if (hSigner == NULL)
+ CFails++;
- if (!COSE_Sign_SetContent(hSign, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Signer_map_put_int(hSigner, COSE_Header_Algorithm, cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- if (!COSE_Sign_AddSigner(hSign, hSigner, NULL)) CFails++;
- CHECK_FAILURE(COSE_Sign_Sign(hSign, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
- if (COSE_Sign_GetSigner(hSign, 9, NULL)) CFails++;
+ if (!COSE_Sign_SetContent(hSign, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Signer_map_put_int(hSigner, COSE_Header_Algorithm,
+ cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ if (!COSE_Sign_AddSigner(hSign, hSigner, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Sign_Sign(hSign, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (COSE_Sign_GetSigner(hSign, 9, NULL))
+ CFails++;
COSE_Sign_Free(hSign);
COSE_Signer_Free(hSigner);
hSign = COSE_Sign_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hSign == NULL) CFails++;
+ if (hSign == NULL)
+ CFails++;
hSigner = COSE_Signer_Init(CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hSigner == NULL) CFails++;
+ if (hSigner == NULL)
+ CFails++;
- if (!COSE_Sign_SetContent(hSign, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Signer_map_put_int(hSigner, COSE_Header_Algorithm, cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- if (!COSE_Sign_AddSigner(hSign, hSigner, NULL)) CFails++;
- CHECK_FAILURE(COSE_Sign_Sign(hSign, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
- if (COSE_Sign_GetSigner(hSign, 9, NULL)) CFails++;
+ if (!COSE_Sign_SetContent(hSign, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Signer_map_put_int(hSigner, COSE_Header_Algorithm,
+ cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ if (!COSE_Sign_AddSigner(hSign, hSigner, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Sign_Sign(hSign, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (COSE_Sign_GetSigner(hSign, 9, NULL))
+ CFails++;
- cn = COSE_Signer_map_get_int(hSigner, COSE_Header_Algorithm, COSE_BOTH, &cose_error);
+ cn = COSE_Signer_map_get_int(
+ hSigner, COSE_Header_Algorithm, COSE_BOTH, &cose_error);
if (cn != NULL) {
- if (cn->type != CN_CBOR_TEXT) CFails++;
- }
- else CFails++;
+ if (cn->type != CN_CBOR_TEXT)
+ CFails++;
+ } else
+ CFails++;
return;
}
@@ -507,7 +655,7 @@
HCOSE_SIGN1 hSignBad;
byte rgb[10];
- cn_cbor * cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor *cn = cn_cbor_int_create(5, CBOR_CONTEXT_PARAM_COMMA NULL);
cose_errback cose_error;
hSign = COSE_Sign1_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
@@ -522,29 +670,53 @@
// bad handle checks
// null pointers
- CHECK_FAILURE(COSE_Sign1_SetContent(hSignNULL, rgb, 10, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_SetContent(hSignBad, rgb, 10, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_SetContent(hSign, NULL, 10, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign1_SetContent(hSignNULL, rgb, 10, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign1_SetContent(hSignBad, rgb, 10, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign1_SetContent(hSign, NULL, 10, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign1_map_get_int(hSignNULL, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_map_get_int(hSignBad, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_map_get_int(hSign, 1, COSE_BOTH, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign1_map_get_int(hSignNULL, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign1_map_get_int(hSignBad, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign1_map_get_int(hSign, 1, COSE_BOTH, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign1_map_put_int(hSignNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_map_put_int(hSignBad, 1, cn, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_map_put_int(hSign, 1, NULL, COSE_PROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign1_map_put_int(hSign, 1, cn, COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign1_map_put_int(
+ hSignNULL, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Sign1_map_put_int(hSignBad, 1, cn, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Sign1_map_put_int(hSign, 1, NULL, COSE_PROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign1_map_put_int(hSign, 1, cn,
+ COSE_PROTECT_ONLY | COSE_UNPROTECT_ONLY, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign1_Sign(hSignNULL, cn, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_Sign(hSignBad, cn, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_Sign(hSign, NULL, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign1_Sign(hSignNULL, cn, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign1_Sign(hSignBad, cn, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign1_Sign(hSign, NULL, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign1_validate(hSignNULL, cn, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_validate(hSignBad, cn, &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_validate(hSign, NULL, &cose_error), COSE_ERR_INVALID_PARAMETER, CFails++);
+ CHECK_FAILURE(COSE_Sign1_validate(hSignNULL, cn, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign1_validate(hSignBad, cn, &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(COSE_Sign1_validate(hSign, NULL, &cose_error),
+ COSE_ERR_INVALID_PARAMETER, CFails++);
- CHECK_FAILURE(COSE_Sign1_SetExternal(hSignNULL, rgb, sizeof(rgb), &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
- CHECK_FAILURE(COSE_Sign1_SetExternal(hSignBad, rgb, sizeof(rgb), &cose_error), COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Sign1_SetExternal(hSignNULL, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
+ CHECK_FAILURE(
+ COSE_Sign1_SetExternal(hSignBad, rgb, sizeof(rgb), &cose_error),
+ COSE_ERR_INVALID_HANDLE, CFails++);
COSE_Sign1_Free(hSign);
@@ -552,21 +724,33 @@
// Unsupported algorithm
hSign = COSE_Sign1_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hSign == NULL) CFails++;
+ if (hSign == NULL)
+ CFails++;
cn = cn_cbor_int_create(15, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (!COSE_Sign1_SetContent(hSign, (byte *) "Message", 7, NULL)) CFails++;
- if (!COSE_Sign1_map_put_int(hSign, COSE_Header_Algorithm, cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- CHECK_FAILURE(COSE_Sign1_Sign(hSign, cn, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (!COSE_Sign1_SetContent(hSign, (byte *)"Message", 7, NULL))
+ CFails++;
+ if (!COSE_Sign1_map_put_int(hSign, COSE_Header_Algorithm,
+ cn_cbor_int_create(-99, CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Sign1_Sign(hSign, cn, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Sign1_Free(hSign);
hSign = COSE_Sign1_Init(0, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hSign == NULL) CFails++;
+ if (hSign == NULL)
+ CFails++;
- if (!COSE_Sign1_SetContent(hSign, (byte *) "Message", 7, NULL)) CFails++;
+ if (!COSE_Sign1_SetContent(hSign, (byte *)"Message", 7, NULL))
+ CFails++;
- if (!COSE_Sign1_map_put_int(hSign, COSE_Header_Algorithm, cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL), COSE_PROTECT_ONLY, NULL)) CFails++;
- CHECK_FAILURE(COSE_Sign1_Sign(hSign, cn, &cose_error), COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
+ if (!COSE_Sign1_map_put_int(hSign, COSE_Header_Algorithm,
+ cn_cbor_string_create("hmac", CBOR_CONTEXT_PARAM_COMMA NULL),
+ COSE_PROTECT_ONLY, NULL))
+ CFails++;
+ CHECK_FAILURE(COSE_Sign1_Sign(hSign, cn, &cose_error),
+ COSE_ERR_UNKNOWN_ALGORITHM, CFails++);
COSE_Sign1_Free(hSign);
}
diff --git a/test/stdafx.h b/test/stdafx.h
index b005a83..1fa6ee2 100644
--- a/test/stdafx.h
+++ b/test/stdafx.h
@@ -10,6 +10,4 @@
#include <stdio.h>
#include <tchar.h>
-
-
// TODO: reference additional headers your program requires here
diff --git a/test/targetver.h b/test/targetver.h
index 87c0086..87fe2ae 100644
--- a/test/targetver.h
+++ b/test/targetver.h
@@ -2,7 +2,8 @@
// Including SDKDDKVer.h defines the highest available Windows platform.
-// If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
-// set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
+// If you wish to build your application for a previous Windows platform,
+// include WinSDKVer.h and set the _WIN32_WINNT macro to the platform you wish
+// to support before including SDKDDKVer.h.
#include <SDKDDKVer.h>
diff --git a/test/test.c b/test/test.c
index 5195767..237114d 100644
--- a/test/test.c
+++ b/test/test.c
@@ -27,10 +27,9 @@
int CFails = 0;
-
typedef struct _NameMap {
- char * sz;
- int i;
+ char* sz;
+ int i;
} NameMap;
NameMap RgAlgorithmNames[48] = {
@@ -65,42 +64,35 @@
{"HKDF-AES-128", COSE_Algorithm_Direct_HKDF_AES_128},
{"HKDF-AES-256", COSE_Algorithm_Direct_HKDF_AES_256},
{"ECDH-ES", COSE_Algorithm_ECDH_ES_HKDF_256},
-{"ECDH-ES-512",COSE_Algorithm_ECDH_ES_HKDF_512},
-{ "ECDH-SS", COSE_Algorithm_ECDH_SS_HKDF_256 },
-{ "ECDH-SS-256", COSE_Algorithm_ECDH_SS_HKDF_256},
-{ "ECDH-SS-512",COSE_Algorithm_ECDH_SS_HKDF_512 },
-{ "ECDH-ES+A128KW", COSE_Algorithm_ECDH_ES_A128KW },
-{ "ECDH-ES+A192KW", COSE_Algorithm_ECDH_ES_A192KW },
-{ "ECDH-ES+A256KW", COSE_Algorithm_ECDH_ES_A256KW },
-{"ECDH-SS+A128KW", COSE_Algorithm_ECDH_SS_A128KW},
-{ "ECDH-SS+A192KW", COSE_Algorithm_ECDH_SS_A192KW },
-{ "ECDH-SS+A256KW", COSE_Algorithm_ECDH_SS_A256KW },
-{ "ECDH-ES-A128KW", COSE_Algorithm_ECDH_ES_A128KW },
-{ "ECDH-ES-A192KW", COSE_Algorithm_ECDH_ES_A192KW },
-{ "ECDH-ES-A256KW", COSE_Algorithm_ECDH_ES_A256KW },
-{ "ECDH-SS-A128KW", COSE_Algorithm_ECDH_SS_A128KW },
-{ "ECDH-SS-A192KW", COSE_Algorithm_ECDH_SS_A192KW },
-{ "ECDH-SS-A256KW", COSE_Algorithm_ECDH_SS_A256KW },
- { "EdDSA", COSE_Algorithm_EdDSA},
+ {"ECDH-ES-512", COSE_Algorithm_ECDH_ES_HKDF_512},
+ {"ECDH-SS", COSE_Algorithm_ECDH_SS_HKDF_256},
+ {"ECDH-SS-256", COSE_Algorithm_ECDH_SS_HKDF_256},
+ {"ECDH-SS-512", COSE_Algorithm_ECDH_SS_HKDF_512},
+ {"ECDH-ES+A128KW", COSE_Algorithm_ECDH_ES_A128KW},
+ {"ECDH-ES+A192KW", COSE_Algorithm_ECDH_ES_A192KW},
+ {"ECDH-ES+A256KW", COSE_Algorithm_ECDH_ES_A256KW},
+ {"ECDH-SS+A128KW", COSE_Algorithm_ECDH_SS_A128KW},
+ {"ECDH-SS+A192KW", COSE_Algorithm_ECDH_SS_A192KW},
+ {"ECDH-SS+A256KW", COSE_Algorithm_ECDH_SS_A256KW},
+ {"ECDH-ES-A128KW", COSE_Algorithm_ECDH_ES_A128KW},
+ {"ECDH-ES-A192KW", COSE_Algorithm_ECDH_ES_A192KW},
+ {"ECDH-ES-A256KW", COSE_Algorithm_ECDH_ES_A256KW},
+ {"ECDH-SS-A128KW", COSE_Algorithm_ECDH_SS_A128KW},
+ {"ECDH-SS-A192KW", COSE_Algorithm_ECDH_SS_A192KW},
+ {"ECDH-SS-A256KW", COSE_Algorithm_ECDH_SS_A256KW},
+ {"EdDSA", COSE_Algorithm_EdDSA},
};
+NameMap RgCurveNames[7] = {{"P-256", 1}, {"P-384", 2}, {"P-521", 3},
+ {"X25519", 4}, {"X448", 5}, {"Ed25519", 6}, {"Ed448", 7}};
-NameMap RgCurveNames[7] = {
- {"P-256", 1},
- {"P-384", 2},
- {"P-521", 3},
- {"X25519", 4},
- {"X448", 5},
- {"Ed25519", 6},
- {"Ed448", 7}
-};
-
-int MapName(const cn_cbor * p, NameMap * rgMap, unsigned int cMap)
+int MapName(const cn_cbor* p, NameMap* rgMap, unsigned int cMap)
{
unsigned int i;
for (i = 0; i < cMap; i++) {
- if (strcmp(rgMap[i].sz, p->v.str) == 0) return rgMap[i].i;
+ if (strcmp(rgMap[i].sz, p->v.str) == 0)
+ return rgMap[i].i;
}
assert(false);
@@ -108,26 +100,27 @@
return 0;
}
-int MapAlgorithmName(const cn_cbor * p)
+int MapAlgorithmName(const cn_cbor* p)
{
return MapName(p, RgAlgorithmNames, _countof(RgAlgorithmNames));
}
-
byte fromHex(char c)
{
- if (('0' <= c) && (c <= '9')) return c - '0';
- if (('A' <= c) && (c <= 'F')) return c - 'A' + 10;
- if (('a' <= c) && (c <= 'f')) return c - 'a' + 10;
+ if (('0' <= c) && (c <= '9'))
+ return c - '0';
+ if (('A' <= c) && (c <= 'F'))
+ return c - 'A' + 10;
+ if (('a' <= c) && (c <= 'f'))
+ return c - 'a' + 10;
fprintf(stderr, "Invalid hex");
exit(1);
}
-
-byte * FromHex(const char * rgch, int cch)
+byte* FromHex(const char* rgch, int cch)
{
- byte * pb = malloc(cch / 2);
- const char * pb2 = rgch;
+ byte* pb = malloc(cch / 2);
+ const char* pb2 = rgch;
int i;
for (i = 0; i < cch; i += 2) {
@@ -137,30 +130,31 @@
return pb;
}
-int IsAlgorithmSupported(const cn_cbor * alg)
+int IsAlgorithmSupported(const cn_cbor* alg)
{
- // Pretend we support any algorithm which is not an integer - this is a fail test case
+ // Pretend we support any algorithm which is not an integer - this is a
+ // fail test case
- if ((alg->type != CN_CBOR_INT) && (alg->type != CN_CBOR_UINT)) return true;
- switch (alg->v.sint)
- {
- default:
- return false;
+ if ((alg->type != CN_CBOR_INT) && (alg->type != CN_CBOR_UINT))
+ return true;
+ switch (alg->v.sint) {
+ default:
+ return false;
#ifdef USE_AES_CBC_MAC_128_64
- case COSE_Algorithm_CBC_MAC_128_64:
+ case COSE_Algorithm_CBC_MAC_128_64:
#endif
#ifdef USE_AES_CBC_MAC_128_128
- case COSE_Algorithm_CBC_MAC_128_128:
+ case COSE_Algorithm_CBC_MAC_128_128:
#endif
#ifdef USE_AES_CBC_MAC_256_64
- case COSE_Algorithm_CBC_MAC_256_64:
+ case COSE_Algorithm_CBC_MAC_256_64:
#endif
#ifdef USE_AES_CBC_MAC_256_128
- case COSE_Algorithm_CBC_MAC_256_128:
+ case COSE_Algorithm_CBC_MAC_256_128:
#endif
#ifdef USE_AES_CCM_16_64_128
- case COSE_Algorithm_AES_CCM_16_64_128:
+ case COSE_Algorithm_AES_CCM_16_64_128:
#endif
#ifdef USE_AES_CCM_16_64_256
case COSE_Algorithm_AES_CCM_16_64_256:
@@ -184,102 +178,102 @@
case COSE_Algorithm_AES_CCM_64_128_256:
#endif
#ifdef USE_AES_GCM_128
- case COSE_Algorithm_AES_GCM_128:
+ case COSE_Algorithm_AES_GCM_128:
#endif
#ifdef USE_AES_GCM_192
- case COSE_Algorithm_AES_GCM_192:
+ case COSE_Algorithm_AES_GCM_192:
#endif
#ifdef USE_AES_GCM_256
- case COSE_Algorithm_AES_GCM_256:
+ case COSE_Algorithm_AES_GCM_256:
#endif
#ifdef USE_AES_KW_128
- case COSE_Algorithm_AES_KW_128:
+ case COSE_Algorithm_AES_KW_128:
#endif
#ifdef USE_AES_KW_192
- case COSE_Algorithm_AES_KW_192:
+ case COSE_Algorithm_AES_KW_192:
#endif
#ifdef USE_AES_KW_256
- case COSE_Algorithm_AES_KW_256:
+ case COSE_Algorithm_AES_KW_256:
#endif
#ifdef USE_Direct_HKDF_AES_128
- case COSE_Algorithm_Direct_HKDF_AES_128:
+ case COSE_Algorithm_Direct_HKDF_AES_128:
#endif
#ifdef USE_Direct_HKDF_AES_256
- case COSE_Algorithm_Direct_HKDF_AES_256:
+ case COSE_Algorithm_Direct_HKDF_AES_256:
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_256
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_256:
#endif
#ifdef USE_Direct_HKDF_HMAC_SHA_512
- case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
+ case COSE_Algorithm_Direct_HKDF_HMAC_SHA_512:
#endif
#ifdef USE_ECDH_ES_A128KW
- case COSE_Algorithm_ECDH_ES_A128KW:
+ case COSE_Algorithm_ECDH_ES_A128KW:
#endif
#ifdef USE_ECDH_ES_A192KW
- case COSE_Algorithm_ECDH_ES_A192KW:
+ case COSE_Algorithm_ECDH_ES_A192KW:
#endif
#ifdef USE_ECDH_ES_A256KW
- case COSE_Algorithm_ECDH_ES_A256KW:
+ case COSE_Algorithm_ECDH_ES_A256KW:
#endif
#ifdef USE_ECDH_ES_HKDF_256
- case COSE_Algorithm_ECDH_ES_HKDF_256:
+ case COSE_Algorithm_ECDH_ES_HKDF_256:
#endif
#ifdef USE_ECDH_ES_HKDF_512
- case COSE_Algorithm_ECDH_ES_HKDF_512:
+ case COSE_Algorithm_ECDH_ES_HKDF_512:
#endif
#ifdef USE_ECDH_SS_A128KW
- case COSE_Algorithm_ECDH_SS_A128KW:
+ case COSE_Algorithm_ECDH_SS_A128KW:
#endif
#ifdef USE_ECDH_SS_A192KW
- case COSE_Algorithm_ECDH_SS_A192KW:
+ case COSE_Algorithm_ECDH_SS_A192KW:
#endif
#ifdef USE_ECDH_SS_A256KW
- case COSE_Algorithm_ECDH_SS_A256KW:
+ case COSE_Algorithm_ECDH_SS_A256KW:
#endif
#ifdef USE_ECDH_SS_HKDF_256
- case COSE_Algorithm_ECDH_SS_HKDF_256:
+ case COSE_Algorithm_ECDH_SS_HKDF_256:
#endif
#ifdef USE_ECDH_SS_HKDF_512
- case COSE_Algorithm_ECDH_SS_HKDF_512:
+ case COSE_Algorithm_ECDH_SS_HKDF_512:
#endif
#ifdef USE_ECDSA_SHA_256
- case COSE_Algorithm_ECDSA_SHA_256:
+ case COSE_Algorithm_ECDSA_SHA_256:
#endif
#ifdef USE_ECDSA_SHA_384
- case COSE_Algorithm_ECDSA_SHA_384:
+ case COSE_Algorithm_ECDSA_SHA_384:
#endif
#ifdef USE_ECDSA_SHA_512
- case COSE_Algorithm_ECDSA_SHA_512:
+ case COSE_Algorithm_ECDSA_SHA_512:
#endif
#ifdef USE_HMAC_256_64
- case COSE_Algorithm_HMAC_256_64:
+ case COSE_Algorithm_HMAC_256_64:
#endif
#ifdef USE_HMAC_256_256
- case COSE_Algorithm_HMAC_256_256:
+ case COSE_Algorithm_HMAC_256_256:
#endif
#ifdef USE_HMAC_384_384
- case COSE_Algorithm_HMAC_384_384:
+ case COSE_Algorithm_HMAC_384_384:
#endif
#ifdef USE_HMAC_512_512
- case COSE_Algorithm_HMAC_512_512:
+ case COSE_Algorithm_HMAC_512_512:
#endif
#ifdef USE_EDDSA
- case COSE_Algorithm_EdDSA:
+ case COSE_Algorithm_EdDSA:
#endif
- case COSE_Algorithm_Direct:
- case -999: // Unsupported algorithm for testing.
- return true;
+ case COSE_Algorithm_Direct:
+ case -999: // Unsupported algorithm for testing.
+ return true;
}
return true;
}
-byte * GetCBOREncoding(const cn_cbor * pControl, int * pcbEncoded)
+byte* GetCBOREncoding(const cn_cbor* pControl, int* pcbEncoded)
{
- const cn_cbor * pOutputs = cn_cbor_mapget_string(pControl, "output");
- const cn_cbor * pCBOR;
- byte * pb = NULL;
- const byte * pb2;
+ const cn_cbor* pOutputs = cn_cbor_mapget_string(pControl, "output");
+ const cn_cbor* pCBOR;
+ byte* pb = NULL;
+ const byte* pb2;
int i;
if ((pOutputs == NULL) || (pOutputs->type != CN_CBOR_MAP)) {
@@ -300,7 +294,7 @@
pb[i / 2] = fromHex(pb2[i]) * 16 + fromHex(pb2[i + 1]);
}
- *pcbEncoded = (int) (pCBOR->length / 2);
+ *pcbEncoded = (int)(pCBOR->length / 2);
return pb;
}
@@ -311,27 +305,28 @@
#define OPERATION_HEX 4
struct {
- char * szKey;
+ char* szKey;
int kty;
int operation;
int keyNew;
-} RgStringKeys[10] = {
- { "kty", 0, OPERATION_IGNORE, COSE_Key_Type},
- { "kid", 0, OPERATION_NONE, COSE_Key_ID},
- { "crv", 2, OPERATION_STRING, COSE_Key_EC2_Curve},
- { "x", 2, OPERATION_BASE64, COSE_Key_EC2_X},
- { "y", 2, OPERATION_BASE64, COSE_Key_EC2_Y},
- { "d", 2, OPERATION_BASE64, -4},
- { "k", 4, OPERATION_BASE64, -1},
- { "crv", COSE_Key_Type_OKP, OPERATION_STRING, COSE_Key_OPK_Curve},
- { "x_hex", COSE_Key_Type_OKP, OPERATION_HEX, COSE_Key_OPK_X},
- { "d_hex", COSE_Key_Type_OKP, OPERATION_HEX, -4}
-};
+} RgStringKeys[10] = {{"kty", 0, OPERATION_IGNORE, COSE_Key_Type},
+ {"kid", 0, OPERATION_NONE, COSE_Key_ID},
+ {"crv", 2, OPERATION_STRING, COSE_Key_EC2_Curve},
+ {"x", 2, OPERATION_BASE64, COSE_Key_EC2_X},
+ {"y", 2, OPERATION_BASE64, COSE_Key_EC2_Y}, {"d", 2, OPERATION_BASE64, -4},
+ {"k", 4, OPERATION_BASE64, -1},
+ {"crv", COSE_Key_Type_OKP, OPERATION_STRING, COSE_Key_OPK_Curve},
+ {"x_hex", COSE_Key_Type_OKP, OPERATION_HEX, COSE_Key_OPK_X},
+ {"d_hex", COSE_Key_Type_OKP, OPERATION_HEX, -4}};
-bool SetAttributes(HCOSE hHandle, const cn_cbor * pAttributes, int which, int msgType, bool fPublicKey)
+bool SetAttributes(HCOSE hHandle,
+ const cn_cbor* pAttributes,
+ int which,
+ int msgType,
+ bool fPublicKey)
{
int keyNew = 0;
- cn_cbor * pValueNew = NULL;
+ cn_cbor* pValueNew = NULL;
bool fRet = true;
if (pAttributes == NULL) {
@@ -341,8 +336,9 @@
return false;
}
- for (const cn_cbor * pKey = pAttributes->first_child; pKey != NULL; pKey = pKey->next->next) {
- const cn_cbor * pValue = pKey->next;
+ for (const cn_cbor* pKey = pAttributes->first_child; pKey != NULL;
+ pKey = pKey->next->next) {
+ const cn_cbor* pValue = pKey->next;
if (pKey->type != CN_CBOR_TEXT) {
return false;
@@ -350,150 +346,188 @@
if (strcmp(pKey->v.str, "alg") == 0) {
keyNew = COSE_Header_Algorithm;
- pValueNew = cn_cbor_int_create(MapAlgorithmName(pValue), CBOR_CONTEXT_PARAM_COMMA NULL);
- }
- else if (strcmp(pKey->v.str, "ctyp") == 0) {
+ pValueNew = cn_cbor_int_create(
+ MapAlgorithmName(pValue), CBOR_CONTEXT_PARAM_COMMA NULL);
+ } else if (strcmp(pKey->v.str, "ctyp") == 0) {
keyNew = COSE_Header_Content_Type;
pValueNew = cn_cbor_clone(pValue, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (pValueNew == NULL) return false;
- }
- else if (strcmp(pKey->v.str, "IV_hex") == 0) {
+ if (pValueNew == NULL)
+ return false;
+ } else if (strcmp(pKey->v.str, "IV_hex") == 0) {
keyNew = COSE_Header_IV;
- pValueNew = cn_cbor_data_create(FromHex(pValue->v.str, (int) pValue->length), (int) pValue->length / 2, CBOR_CONTEXT_PARAM_COMMA NULL);
- }
- else if (strcmp(pKey->v.str, "apu_id") == 0) {
+ pValueNew =
+ cn_cbor_data_create(FromHex(pValue->v.str, (int)pValue->length),
+ (int)pValue->length / 2, CBOR_CONTEXT_PARAM_COMMA NULL);
+ } else if (strcmp(pKey->v.str, "apu_id") == 0) {
keyNew = COSE_Header_KDF_U_name;
- pValueNew = cn_cbor_data_create(pValue->v.bytes, (int)pValue->length, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (pValueNew == NULL) return false;
+ pValueNew = cn_cbor_data_create(pValue->v.bytes,
+ (int)pValue->length, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (pValueNew == NULL)
+ return false;
- }
- else if (strcmp(pKey->v.str, "apv_id") == 0) {
+ } else if (strcmp(pKey->v.str, "apv_id") == 0) {
keyNew = COSE_Header_KDF_V_name;
- pValueNew = cn_cbor_data_create(pValue->v.bytes, (int)pValue->length, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (pValueNew == NULL) return false;
+ pValueNew = cn_cbor_data_create(pValue->v.bytes,
+ (int)pValue->length, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (pValueNew == NULL)
+ return false;
- }
- else if (strcmp(pKey->v.str, "pub_other") == 0) {
+ } else if (strcmp(pKey->v.str, "pub_other") == 0) {
keyNew = COSE_Header_KDF_PUB_other;
- pValueNew = cn_cbor_data_create(pValue->v.bytes, (int)pValue->length, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (pValueNew == NULL) return false;
- }
- else if (strcmp(pKey->v.str, "priv_other") == 0) {
+ pValueNew = cn_cbor_data_create(pValue->v.bytes,
+ (int)pValue->length, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (pValueNew == NULL)
+ return false;
+ } else if (strcmp(pKey->v.str, "priv_other") == 0) {
keyNew = COSE_Header_KDF_PRIV;
- pValueNew = cn_cbor_data_create(pValue->v.bytes, (int)pValue->length, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (pValueNew == NULL) return false;
- }
- else if (strcmp(pKey->v.str, "spk") == 0) {
+ pValueNew = cn_cbor_data_create(pValue->v.bytes,
+ (int)pValue->length, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (pValueNew == NULL)
+ return false;
+ } else if (strcmp(pKey->v.str, "spk") == 0) {
keyNew = COSE_Header_ECDH_STATIC;
pValueNew = BuildKey(pValue, fPublicKey);
- if (pValueNew == NULL) return false;
- }
- else {
+ if (pValueNew == NULL)
+ return false;
+ } else {
continue;
}
switch (msgType) {
#if INCLUDE_MAC
- case Attributes_MAC_protected:
- fRet &= COSE_Mac_map_put_int((HCOSE_MAC)hHandle, keyNew, pValueNew, which, NULL);
- break;
+ case Attributes_MAC_protected:
+ fRet &= COSE_Mac_map_put_int(
+ (HCOSE_MAC)hHandle, keyNew, pValueNew, which, NULL);
+ break;
#endif
#if INCLUDE_MAC0
- case Attributes_MAC0_protected:
- fRet &= COSE_Mac0_map_put_int((HCOSE_MAC0)hHandle, keyNew, pValueNew, which, NULL);
- break;
+ case Attributes_MAC0_protected:
+ fRet &= COSE_Mac0_map_put_int(
+ (HCOSE_MAC0)hHandle, keyNew, pValueNew, which, NULL);
+ break;
#endif
#if INCLUDE_ENCRYPT || INCLUDE_MAC
- case Attributes_Recipient_protected:
- fRet &= COSE_Recipient_map_put_int((HCOSE_RECIPIENT)hHandle, keyNew, pValueNew, which, NULL);
- break;
+ case Attributes_Recipient_protected:
+ fRet &= COSE_Recipient_map_put_int(
+ (HCOSE_RECIPIENT)hHandle, keyNew, pValueNew, which, NULL);
+ break;
#endif
#if INCLUDE_ENCRYPT
- case Attributes_Enveloped_protected:
- fRet &= COSE_Enveloped_map_put_int((HCOSE_ENVELOPED)hHandle, keyNew, pValueNew, which, NULL);
- break;
+ case Attributes_Enveloped_protected:
+ fRet &= COSE_Enveloped_map_put_int(
+ (HCOSE_ENVELOPED)hHandle, keyNew, pValueNew, which, NULL);
+ break;
#endif
#if INCLUDE_ENCRYPT0
- case Attributes_Encrypt_protected:
- fRet &= COSE_Encrypt_map_put_int((HCOSE_ENCRYPT)hHandle, keyNew, pValueNew, which, NULL);
- break;
+ case Attributes_Encrypt_protected:
+ fRet &= COSE_Encrypt_map_put_int(
+ (HCOSE_ENCRYPT)hHandle, keyNew, pValueNew, which, NULL);
+ break;
#endif
#if INCLUDE_SIGN
- case Attributes_Sign_protected:
- fRet &= COSE_Sign_map_put_int((HCOSE_SIGN)hHandle, keyNew, pValueNew, which, NULL);
- break;
+ case Attributes_Sign_protected:
+ fRet &= COSE_Sign_map_put_int(
+ (HCOSE_SIGN)hHandle, keyNew, pValueNew, which, NULL);
+ break;
#endif
#if INCLUDE_SIGN
- case Attributes_Signer_protected:
- fRet &= COSE_Signer_map_put_int((HCOSE_SIGNER)hHandle, keyNew, pValueNew, which, NULL);
- break;
+ case Attributes_Signer_protected:
+ fRet &= COSE_Signer_map_put_int(
+ (HCOSE_SIGNER)hHandle, keyNew, pValueNew, which, NULL);
+ break;
#endif
#if INCLUDE_SIGN1
- case Attributes_Sign1_protected:
- fRet &= COSE_Sign1_map_put_int((HCOSE_SIGN1)hHandle, keyNew, pValueNew, which, NULL);
- break;
+ case Attributes_Sign1_protected:
+ fRet &= COSE_Sign1_map_put_int(
+ (HCOSE_SIGN1)hHandle, keyNew, pValueNew, which, NULL);
+ break;
#endif
- assert(fRet);
+ assert(fRet);
}
}
return fRet;
}
-bool SetSendingAttributes(HCOSE hMsg, const cn_cbor * pIn, int base)
+bool SetSendingAttributes(HCOSE hMsg, const cn_cbor* pIn, int base)
{
bool f = false;
- if (!SetAttributes(hMsg, cn_cbor_mapget_string(pIn, "protected"), COSE_PROTECT_ONLY, base, true)) goto returnError;
- if (!SetAttributes(hMsg, cn_cbor_mapget_string(pIn, "unprotected"), COSE_UNPROTECT_ONLY, base, true)) goto returnError;
- if (!SetAttributes(hMsg, cn_cbor_mapget_string(pIn, "unsent"), COSE_DONT_SEND, base, false)) goto returnError;
+ if (!SetAttributes(hMsg, cn_cbor_mapget_string(pIn, "protected"),
+ COSE_PROTECT_ONLY, base, true))
+ goto returnError;
+ if (!SetAttributes(hMsg, cn_cbor_mapget_string(pIn, "unprotected"),
+ COSE_UNPROTECT_ONLY, base, true))
+ goto returnError;
+ if (!SetAttributes(hMsg, cn_cbor_mapget_string(pIn, "unsent"),
+ COSE_DONT_SEND, base, false))
+ goto returnError;
- cn_cbor * pExternal = cn_cbor_mapget_string(pIn, "external");
+ cn_cbor* pExternal = cn_cbor_mapget_string(pIn, "external");
if (pExternal != NULL) {
- cn_cbor * pcn = cn_cbor_clone(pExternal, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (pcn == NULL) goto returnError;
+ cn_cbor* pcn = cn_cbor_clone(pExternal, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (pcn == NULL)
+ goto returnError;
switch (base) {
#if INCLUDE_ENCRYPT0
- case Attributes_Encrypt_protected:
- if (!COSE_Encrypt_SetExternal((HCOSE_ENCRYPT)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_Encrypt_protected:
+ if (!COSE_Encrypt_SetExternal((HCOSE_ENCRYPT)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_ENCRYPT
- case Attributes_Enveloped_protected:
- if (!COSE_Enveloped_SetExternal((HCOSE_ENVELOPED)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_Enveloped_protected:
+ if (!COSE_Enveloped_SetExternal((HCOSE_ENVELOPED)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_MAC
- case Attributes_MAC_protected:
- if (!COSE_Mac_SetExternal((HCOSE_MAC)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_MAC_protected:
+ if (!COSE_Mac_SetExternal((HCOSE_MAC)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_MAC0
- case Attributes_MAC0_protected:
- if (!COSE_Mac0_SetExternal((HCOSE_MAC0)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_MAC0_protected:
+ if (!COSE_Mac0_SetExternal((HCOSE_MAC0)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_SIGN
- case Attributes_Signer_protected:
- if (!COSE_Signer_SetExternal((HCOSE_SIGNER)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_Signer_protected:
+ if (!COSE_Signer_SetExternal((HCOSE_SIGNER)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_SIGN1
- case Attributes_Sign1_protected:
- if (!COSE_Sign1_SetExternal((HCOSE_SIGN1)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_Sign1_protected:
+ if (!COSE_Sign1_SetExternal((HCOSE_SIGN1)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
}
}
@@ -503,51 +537,72 @@
return f;
}
-bool SetReceivingAttributes(HCOSE hMsg, const cn_cbor * pIn, int base)
+bool SetReceivingAttributes(HCOSE hMsg, const cn_cbor* pIn, int base)
{
bool f = false;
- if (!SetAttributes(hMsg, cn_cbor_mapget_string(pIn, "unsent"), COSE_DONT_SEND, base, true)) goto returnError;
+ if (!SetAttributes(hMsg, cn_cbor_mapget_string(pIn, "unsent"),
+ COSE_DONT_SEND, base, true))
+ goto returnError;
- cn_cbor * pExternal = cn_cbor_mapget_string(pIn, "external");
+ cn_cbor* pExternal = cn_cbor_mapget_string(pIn, "external");
if (pExternal != NULL) {
- cn_cbor * pcn = cn_cbor_clone(pExternal, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (pcn == NULL) goto returnError;
+ cn_cbor* pcn = cn_cbor_clone(pExternal, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (pcn == NULL)
+ goto returnError;
switch (base) {
#if INCLUDE_ENCRYPT0
- case Attributes_Encrypt_protected:
- if (!COSE_Encrypt_SetExternal((HCOSE_ENCRYPT)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_Encrypt_protected:
+ if (!COSE_Encrypt_SetExternal((HCOSE_ENCRYPT)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_ENCRYPT
- case Attributes_Enveloped_protected:
- if (!COSE_Enveloped_SetExternal((HCOSE_ENVELOPED)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_Enveloped_protected:
+ if (!COSE_Enveloped_SetExternal((HCOSE_ENVELOPED)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_MAC
- case Attributes_MAC_protected:
- if (!COSE_Mac_SetExternal((HCOSE_MAC)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_MAC_protected:
+ if (!COSE_Mac_SetExternal((HCOSE_MAC)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_MAC0
- case Attributes_MAC0_protected:
- if (!COSE_Mac0_SetExternal((HCOSE_MAC0)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_MAC0_protected:
+ if (!COSE_Mac0_SetExternal((HCOSE_MAC0)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_SIGN
- case Attributes_Signer_protected:
- if (!COSE_Signer_SetExternal((HCOSE_SIGNER)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_Signer_protected:
+ if (!COSE_Signer_SetExternal((HCOSE_SIGNER)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
#if INCLUDE_SIGN1
- case Attributes_Sign1_protected:
- if (!COSE_Sign1_SetExternal((HCOSE_SIGN1)hMsg, FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2, NULL)) goto returnError;
- break;
+ case Attributes_Sign1_protected:
+ if (!COSE_Sign1_SetExternal((HCOSE_SIGN1)hMsg,
+ FromHex(pcn->v.str, (int)pcn->length), pcn->length / 2,
+ NULL))
+ goto returnError;
+ break;
#endif
}
}
@@ -557,73 +612,109 @@
return f;
}
-cn_cbor * BuildKey(const cn_cbor * pKeyIn, bool fPublicKey)
+cn_cbor* BuildKey(const cn_cbor* pKeyIn, bool fPublicKey)
{
- cn_cbor * pKeyOut = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA NULL);
- cn_cbor * pKty = cn_cbor_mapget_string(pKeyIn, "kty");
- cn_cbor * p = NULL;
- cn_cbor * pKey = NULL;
- cn_cbor * pValue = NULL;
+ cn_cbor* pKeyOut = cn_cbor_map_create(CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor* pKty = cn_cbor_mapget_string(pKeyIn, "kty");
+ cn_cbor* p = NULL;
+ cn_cbor* pKey = NULL;
+ cn_cbor* pValue = NULL;
size_t i;
int kty;
- unsigned char * pb = NULL;
+ unsigned char* pb = NULL;
size_t cb;
- if (pKeyOut == NULL) return NULL;
+ if (pKeyOut == NULL)
+ return NULL;
- if ((pKty == NULL) || (pKty->type != CN_CBOR_TEXT)) return NULL;
+ if ((pKty == NULL) || (pKty->type != CN_CBOR_TEXT))
+ return NULL;
if (pKty->length == 2) {
- if (strncmp(pKty->v.str, "EC", 2) == 0) kty = 2;
- else return NULL;
- }
- else if (pKty->length == 3) {
- if (strncmp(pKty->v.str, "oct", 3) == 0) kty = 4;
- else if (strncmp(pKty->v.str, "OKP", 3) == 0) kty = COSE_Key_Type_OKP;
- else return NULL;
- }
- else return NULL;
+ if (strncmp(pKty->v.str, "EC", 2) == 0)
+ kty = 2;
+ else
+ return NULL;
+ } else if (pKty->length == 3) {
+ if (strncmp(pKty->v.str, "oct", 3) == 0)
+ kty = 4;
+ else if (strncmp(pKty->v.str, "OKP", 3) == 0)
+ kty = COSE_Key_Type_OKP;
+ else
+ return NULL;
+ } else
+ return NULL;
p = cn_cbor_int_create(kty, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (p == NULL) return NULL;
- if (!cn_cbor_mapput_int(pKeyOut, 1, p, CBOR_CONTEXT_PARAM_COMMA NULL)) return NULL;
+ if (p == NULL)
+ return NULL;
+ if (!cn_cbor_mapput_int(pKeyOut, 1, p, CBOR_CONTEXT_PARAM_COMMA NULL))
+ return NULL;
for (pKey = pKeyIn->first_child; pKey != NULL; pKey = pKey->next->next) {
pValue = pKey->next;
if (pKey->type == CN_CBOR_TEXT) {
- for (i = 0; i < sizeof(RgStringKeys)/sizeof(RgStringKeys[0]); i++) {
+ for (i = 0; i < sizeof(RgStringKeys) / sizeof(RgStringKeys[0]);
+ i++) {
if (((size_t)pKey->length == strlen(RgStringKeys[i].szKey)) &&
- (strncmp(pKey->v.str, RgStringKeys[i].szKey, strlen(RgStringKeys[i].szKey)) == 0) &&
- ((RgStringKeys[i].kty == 0) || (RgStringKeys[i].kty == kty))) {
+ (strncmp(pKey->v.str, RgStringKeys[i].szKey,
+ strlen(RgStringKeys[i].szKey)) == 0) &&
+ ((RgStringKeys[i].kty == 0) ||
+ (RgStringKeys[i].kty == kty))) {
switch (RgStringKeys[i].operation) {
- case OPERATION_NONE:
- p = cn_cbor_clone(pValue, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (p == NULL) return NULL;
- if (!cn_cbor_mapput_int(pKeyOut, RgStringKeys[i].keyNew, p, CBOR_CONTEXT_PARAM_COMMA NULL)) return NULL;
- break;
+ case OPERATION_NONE:
+ p = cn_cbor_clone(
+ pValue, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (p == NULL)
+ return NULL;
+ if (!cn_cbor_mapput_int(pKeyOut,
+ RgStringKeys[i].keyNew, p,
+ CBOR_CONTEXT_PARAM_COMMA NULL))
+ return NULL;
+ break;
- case OPERATION_BASE64:
- if ((strcmp(pKey->v.str, "d") == 0) && fPublicKey) continue;
+ case OPERATION_BASE64:
+ if ((strcmp(pKey->v.str, "d") == 0) && fPublicKey)
+ continue;
- pb = base64_decode(pValue->v.str, pValue->length, &cb);
- p = cn_cbor_data_create(pb, (int)cb, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (p == NULL) return NULL;
- if (!cn_cbor_mapput_int(pKeyOut, RgStringKeys[i].keyNew, p, CBOR_CONTEXT_PARAM_COMMA NULL)) return NULL;
- break;
+ pb = base64_decode(
+ pValue->v.str, pValue->length, &cb);
+ p = cn_cbor_data_create(
+ pb, (int)cb, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (p == NULL)
+ return NULL;
+ if (!cn_cbor_mapput_int(pKeyOut,
+ RgStringKeys[i].keyNew, p,
+ CBOR_CONTEXT_PARAM_COMMA NULL))
+ return NULL;
+ break;
- case OPERATION_STRING:
- p = cn_cbor_int_create(MapName(pValue, RgCurveNames, _countof(RgCurveNames)), CBOR_CONTEXT_PARAM_COMMA NULL);
- if (p == NULL) return NULL;
- if (!cn_cbor_mapput_int(pKeyOut, RgStringKeys[i].keyNew, p, CBOR_CONTEXT_PARAM_COMMA NULL)) return NULL;
- break;
+ case OPERATION_STRING:
+ p = cn_cbor_int_create(MapName(pValue, RgCurveNames,
+ _countof(RgCurveNames)),
+ CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (p == NULL)
+ return NULL;
+ if (!cn_cbor_mapput_int(pKeyOut,
+ RgStringKeys[i].keyNew, p,
+ CBOR_CONTEXT_PARAM_COMMA NULL))
+ return NULL;
+ break;
- case OPERATION_HEX:
- if ((strcmp(pKey->v.str, "d_hex") == 0) && fPublicKey) continue;
- pb = hex_decode(pValue->v.str, pValue->length, &cb);
- p = cn_cbor_data_create(pb, (int)cb, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (p == NULL) return NULL;
- if (!cn_cbor_mapput_int(pKeyOut, RgStringKeys[i].keyNew, p, CBOR_CONTEXT_PARAM_COMMA NULL)) return NULL;
- break;
+ case OPERATION_HEX:
+ if ((strcmp(pKey->v.str, "d_hex") == 0) &&
+ fPublicKey)
+ continue;
+ pb = hex_decode(pValue->v.str, pValue->length, &cb);
+ p = cn_cbor_data_create(
+ pb, (int)cb, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (p == NULL)
+ return NULL;
+ if (!cn_cbor_mapput_int(pKeyOut,
+ RgStringKeys[i].keyNew, p,
+ CBOR_CONTEXT_PARAM_COMMA NULL))
+ return NULL;
+ break;
}
i = 99;
}
@@ -634,11 +725,10 @@
return pKeyOut;
}
-
bool Test_cn_cbor_array_replace()
{
- cn_cbor * pRoot;
- cn_cbor * pItem;
+ cn_cbor* pRoot;
+ cn_cbor* pItem;
// Cases that are not currently covered
// 1. Pass in invalid arguements
@@ -658,13 +748,12 @@
pItem = cn_cbor_int_create(7, CBOR_CONTEXT_PARAM_COMMA NULL);
cn_cbor_array_replace(pRoot, pItem, 1, CBOR_CONTEXT_PARAM_COMMA NULL);
- pItem = cn_cbor_int_create(8, CBOR_CONTEXT_PARAM_COMMA NULL);
- cn_cbor_array_replace(pRoot, pItem, 1, CBOR_CONTEXT_PARAM_COMMA NULL);
+ pItem = cn_cbor_int_create(8, CBOR_CONTEXT_PARAM_COMMA NULL);
+ cn_cbor_array_replace(pRoot, pItem, 1, CBOR_CONTEXT_PARAM_COMMA NULL);
return true;
}
-
void RunCorners()
{
Test_cn_cbor_array_replace();
@@ -691,11 +780,11 @@
#endif
}
-void RunMemoryTest(const char * szFileName)
+void RunMemoryTest(const char* szFileName)
{
#ifdef USE_CBOR_CONTEXT
unsigned int iFail;
- const cn_cbor * pControl = ParseJson(szFileName);
+ const cn_cbor* pControl = ParseJson(szFileName);
if (pControl == NULL) {
CFails += 1;
@@ -705,7 +794,7 @@
//
// To find out what we are doing we need to get the correct item
- const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
+ const cn_cbor* pInput = cn_cbor_mapget_string(pControl, "input");
if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP)) {
fprintf(stderr, "No or bad input section");
@@ -723,7 +812,8 @@
context = CreateContext(iFail);
CFails = 0;
ValidateMAC(pControl);
- if (CFails == 0) fValidateDone = true;
+ if (CFails == 0)
+ fValidateDone = true;
FreeContext(context);
}
@@ -731,21 +821,22 @@
context = CreateContext(iFail);
CFails = 0;
BuildMacMessage(pControl);
- if (CFails == 0) fBuildDone = true;
+ if (CFails == 0)
+ fBuildDone = true;
FreeContext(context);
}
#else
fValidateDone = true;
fBuildDone = true;
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "mac0") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "mac0") != NULL) {
#if INCLUDE_MAC0
if (!fValidateDone) {
context = CreateContext(iFail);
CFails = 0;
ValidateMac0(pControl);
- if (CFails == 0) fValidateDone = true;
+ if (CFails == 0)
+ fValidateDone = true;
FreeContext(context);
}
@@ -753,21 +844,22 @@
context = CreateContext(iFail);
CFails = 0;
BuildMac0Message(pControl);
- if (CFails == 0) fBuildDone = true;
+ if (CFails == 0)
+ fBuildDone = true;
FreeContext(context);
}
#else
fValidateDone = true;
fBuildDone = true;
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "encrypted") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "encrypted") != NULL) {
#if INCLUDE_ENCRYPT0
if (!fValidateDone) {
context = CreateContext(iFail);
CFails = 0;
ValidateEncrypt(pControl);
- if (CFails == 0) fValidateDone = true;
+ if (CFails == 0)
+ fValidateDone = true;
FreeContext(context);
}
@@ -775,21 +867,22 @@
context = CreateContext(iFail);
CFails = 0;
BuildEncryptMessage(pControl);
- if (CFails == 0) fBuildDone = true;
+ if (CFails == 0)
+ fBuildDone = true;
FreeContext(context);
}
#else
fValidateDone = true;
fBuildDone = true;
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "enveloped") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "enveloped") != NULL) {
#if INCLUDE_ENCRYPT
if (!fValidateDone) {
context = CreateContext(iFail);
CFails = 0;
ValidateEnveloped(pControl);
- if (CFails == 0) fValidateDone = true;
+ if (CFails == 0)
+ fValidateDone = true;
FreeContext(context);
}
@@ -797,21 +890,22 @@
context = CreateContext(iFail);
CFails = 0;
BuildEnvelopedMessage(pControl);
- if (CFails == 0) fBuildDone = true;
+ if (CFails == 0)
+ fBuildDone = true;
FreeContext(context);
}
#else
fValidateDone = true;
fBuildDone = true;
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "sign") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "sign") != NULL) {
#if INCLUDE_SIGN
if (!fValidateDone) {
context = CreateContext(iFail);
CFails = 0;
ValidateSigned(pControl);
- if (CFails == 0) fValidateDone = true;
+ if (CFails == 0)
+ fValidateDone = true;
FreeContext(context);
}
@@ -819,21 +913,22 @@
context = CreateContext(iFail);
CFails = 0;
BuildSignedMessage(pControl);
- if (CFails == 0) fBuildDone = true;
+ if (CFails == 0)
+ fBuildDone = true;
FreeContext(context);
}
#else
fValidateDone = true;
fBuildDone = true;
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "sign0") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "sign0") != NULL) {
#if INCLUDE_SIGN1
if (!fValidateDone) {
context = CreateContext(iFail);
CFails = 0;
ValidateSign1(pControl);
- if (CFails == 0) fValidateDone = true;
+ if (CFails == 0)
+ fValidateDone = true;
FreeContext(context);
}
@@ -841,7 +936,8 @@
context = CreateContext(iFail);
CFails = 0;
BuildSign1Message(pControl);
- if (CFails == 0) fBuildDone = true;
+ if (CFails == 0)
+ fBuildDone = true;
FreeContext(context);
}
#else
@@ -857,9 +953,9 @@
#endif
}
-void RunFileTest(const char * szFileName)
+void RunFileTest(const char* szFileName)
{
- const cn_cbor * pControl = NULL;
+ const cn_cbor* pControl = NULL;
pControl = ParseJson(szFileName);
@@ -874,7 +970,7 @@
// To find out what we are doing we need to get the correct item
- const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
+ const cn_cbor* pInput = cn_cbor_mapget_string(pControl, "input");
if ((pInput == NULL) || (pInput->type != CN_CBOR_MAP)) {
fprintf(stderr, "No or bad input section");
@@ -887,36 +983,31 @@
BuildMacMessage(pControl);
}
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "mac0") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "mac0") != NULL) {
#if INCLUDE_MAC0
if (ValidateMac0(pControl)) {
BuildMac0Message(pControl);
}
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "enveloped") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "enveloped") != NULL) {
#if INCLUDE_ENCRYPT
if (ValidateEnveloped(pControl)) {
BuildEnvelopedMessage(pControl);
}
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "sign") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "sign") != NULL) {
#if INCLUDE_SIGN
if (ValidateSigned(pControl)) {
BuildSignedMessage(pControl);
}
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "sign0") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "sign0") != NULL) {
#if INCLUDE_SIGN1
if (ValidateSign1(pControl)) {
BuildSign1Message(pControl);
}
#endif
- }
- else if (cn_cbor_mapget_string(pInput, "encrypted") != NULL) {
+ } else if (cn_cbor_mapget_string(pInput, "encrypted") != NULL) {
#if INCLUDE_ENCRYPT0
if (ValidateEncrypt(pControl)) {
BuildEncryptMessage(pControl);
@@ -926,7 +1017,7 @@
}
#ifdef _MSC_VER
-void RunTestsInDirectory(const char * szDir)
+void RunTestsInDirectory(const char* szDir)
{
int cFailTotal = 0;
WIN32_FIND_DATA FindFileData;
@@ -943,8 +1034,7 @@
strcat(rgchFullName, "*.json");
hFind = FindFirstFile(rgchFullName, &FindFileData);
- if (hFind == INVALID_HANDLE_VALUE)
- {
+ if (hFind == INVALID_HANDLE_VALUE) {
printf("FindFirstFile failed (%d)\n", GetLastError());
return;
}
@@ -960,8 +1050,10 @@
CFails = 0;
RunFileTest(rgchFullName);
- if (CFails == 0) printf(" PASS\n");
- else printf(" FAILED\n");
+ if (CFails == 0)
+ printf(" PASS\n");
+ else
+ printf(" FAILED\n");
cFailTotal += CFails;
} while (FindNextFile(hFind, &FindFileData));
@@ -971,10 +1063,10 @@
}
#else
-void RunTestsInDirectory(const char * szDir)
+void RunTestsInDirectory(const char* szDir)
{
- DIR * dirp = opendir(szDir);
- struct dirent * dp;
+ DIR* dirp = opendir(szDir);
+ struct dirent* dp;
char rgchFullName[2 * 1024];
int ich;
int cFailTotal = 0;
@@ -993,7 +1085,8 @@
while ((dp = readdir(dirp)) != NULL) {
int cch = strlen(dp->d_name);
- if (cch < 4) continue;
+ if (cch < 4)
+ continue;
rgchFullName[ich] = 0;
if (ich + strlen(dp->d_name) >= sizeof(rgchFullName) - 2) {
fprintf(stderr, "Buffer overflow problem\n");
@@ -1003,45 +1096,44 @@
printf("Run test '%s'", rgchFullName);
CFails = 0;
RunFileTest(rgchFullName);
- if (CFails == 0) printf(" PASS\n");
- else printf(" FAILED\n");
+ if (CFails == 0)
+ printf(" PASS\n");
+ else
+ printf(" FAILED\n");
cFailTotal += CFails;
}
(void)closedir(dirp);
exit(cFailTotal);
}
-#endif // _MSCVER
+#endif // _MSCVER
-int main(int argc, char ** argv)
+int main(int argc, char** argv)
{
int i;
- const char * szWhere = NULL;
+ const char* szWhere = NULL;
bool fDir = false;
- bool fCorners = false;
- bool fMemory = false;
+ bool fCorners = false;
+ bool fMemory = false;
for (i = 1; i < argc; i++) {
printf("arg: '%s'\n", argv[i]);
if (argv[i][0] == '-') {
if (strcmp(argv[i], "--dir") == 0) {
fDir = true;
- }
- else if (strcmp(argv[i], "--corners") == 0) {
+ } else if (strcmp(argv[i], "--corners") == 0) {
fCorners = true;
- }
- else if (strcmp(argv[i], "--memory") == 0) {
+ } else if (strcmp(argv[i], "--memory") == 0) {
fMemory = true;
}
- }
- else {
+ } else {
szWhere = argv[i];
}
}
#ifdef USE_MBED_TLS
- mbedtls_entropy_context entropy;
- mbedtls_entropy_init(&entropy);
+ mbedtls_entropy_context entropy;
+ mbedtls_entropy_init(&entropy);
#endif
//
@@ -1054,21 +1146,20 @@
exit(1);
}
RunMemoryTest(szWhere);
- }
- else if (szWhere != NULL) {
+ } else if (szWhere != NULL) {
if (szWhere == NULL) {
fprintf(stderr, "Must specify a file name\n");
exit(1);
}
- if (fDir) RunTestsInDirectory(szWhere);
- else RunFileTest(szWhere);
- }
- else if (fCorners) {
+ if (fDir)
+ RunTestsInDirectory(szWhere);
+ else
+ RunFileTest(szWhere);
+ } else if (fCorners) {
RunCorners();
- }
- else {
+ } else {
#ifdef USE_CBOR_CONTEXT
- context = CreateContext((unsigned int) -1);
+ context = CreateContext((unsigned int)-1);
#endif
#if INCLUDE_MAC
MacMessage();
@@ -1084,8 +1175,10 @@
#endif
}
- if (CFails > 0) fprintf(stderr, "Failed %d tests\n", CFails);
- else fprintf(stderr, "SUCCESS\n");
+ if (CFails > 0)
+ fprintf(stderr, "Failed %d tests\n", CFails);
+ else
+ fprintf(stderr, "SUCCESS\n");
- exit(CFails);
+ exit(CFails);
}
diff --git a/test/test.h b/test/test.h
index 0c77899..1e0a292 100644
--- a/test/test.h
+++ b/test/test.h
@@ -3,9 +3,9 @@
#include <stdbool.h>
#ifdef USE_CBOR_CONTEXT
-cn_cbor_context * context;
+cn_cbor_context* context;
#define CBOR_CONTEXT_PARAM , context
-#define CBOR_CONTEXT_PARAM_COMMA context ,
+#define CBOR_CONTEXT_PARAM_COMMA context,
#else
#define CBOR_CONTEXT_PARAM
#define CBOR_CONTEXT_PARAM_COMMA
@@ -13,47 +13,44 @@
// encrypt.c
-int ValidateEnveloped(const cn_cbor * pControl);
+int ValidateEnveloped(const cn_cbor* pControl);
int EncryptMessage();
-int BuildEnvelopedMessage(const cn_cbor * pControl);
-int ValidateEncrypt(const cn_cbor * pControl);
-int BuildEncryptMessage(const cn_cbor * pControl);
+int BuildEnvelopedMessage(const cn_cbor* pControl);
+int ValidateEncrypt(const cn_cbor* pControl);
+int BuildEncryptMessage(const cn_cbor* pControl);
void Enveloped_Corners();
void Encrypt_Corners();
void Recipient_Corners();
-
// sign.c
-int ValidateSigned(const cn_cbor * pControl);
+int ValidateSigned(const cn_cbor* pControl);
int SignMessage();
-int BuildSignedMessage(const cn_cbor * pControl);
-int ValidateSign1(const cn_cbor * pControl);
-int BuildSign1Message(const cn_cbor * pControl);
+int BuildSignedMessage(const cn_cbor* pControl);
+int ValidateSign1(const cn_cbor* pControl);
+int BuildSign1Message(const cn_cbor* pControl);
void Sign_Corners();
void Sign1_Corners();
-
// mac_testc
-int ValidateMAC(const cn_cbor * pControl);
+int ValidateMAC(const cn_cbor* pControl);
int MacMessage();
-int BuildMacMessage(const cn_cbor * pControl);
-int ValidateMac0(const cn_cbor * pControl);
-int BuildMac0Message(const cn_cbor * pControl);
+int BuildMacMessage(const cn_cbor* pControl);
+int ValidateMac0(const cn_cbor* pControl);
+int BuildMac0Message(const cn_cbor* pControl);
void MAC_Corners();
void MAC0_Corners();
#ifdef USE_CBOR_CONTEXT
// context.c
-extern cn_cbor_context * CreateContext(unsigned int iFailPoint);
+extern cn_cbor_context* CreateContext(unsigned int iFailPoint);
void FreeContext(cn_cbor_context* pContext);
#endif
-
// test.c
enum {
- Attributes_MAC_protected=1,
+ Attributes_MAC_protected = 1,
Attributes_MAC0_protected,
Attributes_Recipient_protected,
Attributes_Enveloped_protected,
@@ -65,36 +62,42 @@
extern int CFails;
-int MapAlgorithmName(const cn_cbor * p);
-byte * GetCBOREncoding(const cn_cbor * pControl, int * pcbEncoded);
-//bool SetAttributes(HCOSE hHandle, const cn_cbor * pAttributes, int which, bool fPublicKey);
-cn_cbor * BuildKey(const cn_cbor * pKeyIn, bool fPublicKey);
-byte * FromHex(const char * rgch, int cch);
-bool SetSendingAttributes(HCOSE hMsg, const cn_cbor * pIn, int base);
-bool SetReceivingAttributes(HCOSE hMsg, const cn_cbor * pIn, int base);
-int IsAlgorithmSupported(const cn_cbor * alg);
+int MapAlgorithmName(const cn_cbor* p);
+byte* GetCBOREncoding(const cn_cbor* pControl, int* pcbEncoded);
+// bool SetAttributes(HCOSE hHandle, const cn_cbor * pAttributes, int which,
+// bool fPublicKey);
+cn_cbor* BuildKey(const cn_cbor* pKeyIn, bool fPublicKey);
+byte* FromHex(const char* rgch, int cch);
+bool SetSendingAttributes(HCOSE hMsg, const cn_cbor* pIn, int base);
+bool SetReceivingAttributes(HCOSE hMsg, const cn_cbor* pIn, int base);
+int IsAlgorithmSupported(const cn_cbor* alg);
//
// Internal macros to make testing easier
//
#define CHECK_RETURN(functionCall, errorReturn, onFailure) \
-{ \
- if (!functionCall) onFailure; \
-}
+ { \
+ if (!functionCall) \
+ onFailure; \
+ }
-#define CHECK_FAILURE(functionCall, errorReturn, onFailure) \
- { \
- bool bReturn = functionCall; \
- if (!bReturn) { \
- if (cose_error.err != errorReturn) onFailure; \
- } else if (errorReturn != COSE_ERR_NONE) onFailure; \
- }
+#define CHECK_FAILURE(functionCall, errorReturn, onFailure) \
+ { \
+ bool bReturn = functionCall; \
+ if (!bReturn) { \
+ if (cose_error.err != errorReturn) \
+ onFailure; \
+ } else if (errorReturn != COSE_ERR_NONE) \
+ onFailure; \
+ }
-#define CHECK_FAILURE_PTR(functionCall, errorReturn, onFailure) \
- { \
- void * bReturn = functionCall; \
- if (bReturn == NULL) { \
- if (cose_error.err != errorReturn) onFailure; \
- } else if (errorReturn != COSE_ERR_NONE) onFailure; \
- }
+#define CHECK_FAILURE_PTR(functionCall, errorReturn, onFailure) \
+ { \
+ void* bReturn = functionCall; \
+ if (bReturn == NULL) { \
+ if (cose_error.err != errorReturn) \
+ onFailure; \
+ } else if (errorReturn != COSE_ERR_NONE) \
+ onFailure; \
+ }