palemoon-dev/platform/security/nss/lib/smime/cmsencode.c

/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * CMS encoding.
 */

#include "cmslocal.h"

#include "cert.h"
#include "keyhi.h"
#include "secasn1.h"
#include "secoid.h"
#include "secitem.h"
#include "pk11func.h"
#include "secerr.h"

struct nss_cms_encoder_output {
    NSSCMSContentCallback outputfn;
    void *outputarg;
    PLArenaPool *destpoolp;
    SECItem *dest;
};

struct NSSCMSEncoderContextStr {
    SEC_ASN1EncoderContext *ecx;          /* ASN.1 encoder context */
    PRBool ecxupdated;                    /* true if data was handed in */
    NSSCMSMessage *cmsg;                  /* pointer to the root message */
    SECOidTag type;                       /* type tag of the current content */
    NSSCMSContent content;                /* pointer to current content */
    struct nss_cms_encoder_output output; /* output function */
    int error;                            /* error code */
    NSSCMSEncoderContext *childp7ecx;     /* link to child encoder context */
};

static SECStatus nss_cms_before_data(NSSCMSEncoderContext *p7ecx);
static SECStatus nss_cms_after_data(NSSCMSEncoderContext *p7ecx);
static SECStatus nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx,
                                        const char *data, unsigned long len);
static SECStatus nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
                                           const unsigned char *data, unsigned long len,
                                           PRBool final, PRBool innermost);

extern const SEC_ASN1Template NSSCMSMessageTemplate[];

/*
 * The little output function that the ASN.1 encoder calls to hand
 * us bytes which we in turn hand back to our caller (via the callback
 * they gave us).
 */
static void
nss_cms_encoder_out(void *arg, const char *buf, unsigned long len,
                    int depth, SEC_ASN1EncodingPart data_kind)
{
    struct nss_cms_encoder_output *output = (struct nss_cms_encoder_output *)arg;
    unsigned char *dest;
    unsigned long offset;

#ifdef CMSDEBUG
    int i;
    const char *data_name = "unknown";

    switch (data_kind) {
        case SEC_ASN1_Identifier:
            data_name = "identifier";
            break;
        case SEC_ASN1_Length:
            data_name = "length";
            break;
        case SEC_ASN1_Contents:
            data_name = "contents";
            break;
        case SEC_ASN1_EndOfContents:
            data_name = "end-of-contents";
            break;
    }
    fprintf(stderr, "kind = %s, depth = %d, len = %d\n", data_name, depth, len);
    for (i = 0; i < len; i++) {
        fprintf(stderr, " %02x%s", (unsigned int)buf[i] & 0xff, ((i % 16) == 15) ? "\n" : "");
    }
    if ((i % 16) != 0)
        fprintf(stderr, "\n");
#endif

    if (output->outputfn != NULL)
        /* call output callback with DER data */
        output->outputfn(output->outputarg, buf, len);

    if (output->dest != NULL) {
        /* store DER data in SECItem */
        offset = output->dest->len;
        if (offset == 0) {
            dest = (unsigned char *)PORT_ArenaAlloc(output->destpoolp, len);
        } else {
            dest = (unsigned char *)PORT_ArenaGrow(output->destpoolp,
                                                   output->dest->data,
                                                   output->dest->len,
                                                   output->dest->len + len);
        }
        if (dest == NULL)
            /* oops */
            return;

        output->dest->data = dest;
        output->dest->len += len;

        /* copy it in */
        if (len) {
            PORT_Memcpy(output->dest->data + offset, buf, len);
        }
    }
}

/*
 * nss_cms_encoder_notify - ASN.1 encoder callback
 *
 * this function is called by the ASN.1 encoder before and after the encoding of
 * every object. here, it is used to keep track of data structures, set up
 * encryption and/or digesting and possibly set up child encoders.
 */
static void
nss_cms_encoder_notify(void *arg, PRBool before, void *dest, int depth)
{
    NSSCMSEncoderContext *p7ecx;
    NSSCMSContentInfo *rootcinfo, *cinfo;
    PRBool after = !before;
    SECOidTag childtype;
    SECItem *item;

    p7ecx = (NSSCMSEncoderContext *)arg;
    PORT_Assert(p7ecx != NULL);

    rootcinfo = &(p7ecx->cmsg->contentInfo);

#ifdef CMSDEBUG
    fprintf(stderr, "%6.6s, dest = 0x%08x, depth = %d\n", before ? "before" : "after",
            dest, depth);
#endif

    /*
     * Watch for the content field, at which point we want to instruct
     * the ASN.1 encoder to start taking bytes from the buffer.
     */
    if (NSS_CMSType_IsData(p7ecx->type)) {
        cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
        if (before && dest == &(cinfo->rawContent)) {
            /* just set up encoder to grab from user - no encryption or digesting */
            if ((item = cinfo->content.data) != NULL)
                (void)nss_cms_encoder_work_data(p7ecx, NULL, item->data,
                                                item->len, PR_TRUE, PR_TRUE);
            else
                SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
            SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx); /* no need to get notified anymore */
        }
    } else if (NSS_CMSType_IsWrapper(p7ecx->type)) {
        /* when we know what the content is, we encode happily until we reach the inner content */
        cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
        childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);

        if (after && dest == &(cinfo->contentType)) {
            /* we're right before encoding the data (if we have some or not) */
            /* (for encrypted data, we're right before the contentEncAlg which may change */
            /*  in nss_cms_before_data because of IV calculation when setting up encryption) */
            if (nss_cms_before_data(p7ecx) != SECSuccess)
                p7ecx->error = PORT_GetError();
        }
        if (before && dest == &(cinfo->rawContent)) {
            if (p7ecx->childp7ecx == NULL) {
                if ((NSS_CMSType_IsData(childtype) && (item = cinfo->content.data) != NULL)) {
                    /* we are the innermost non-data and we have data - feed it in */
                    (void)nss_cms_encoder_work_data(p7ecx, NULL, item->data,
                                                    item->len, PR_TRUE, PR_TRUE);
                } else {
                    /* else we'll have to get data from user */
                    SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
                }
            } else {
                /* if we have a nested encoder, wait for its data */
                SEC_ASN1EncoderSetTakeFromBuf(p7ecx->ecx);
            }
        }
        if (after && dest == &(cinfo->rawContent)) {
            if (nss_cms_after_data(p7ecx) != SECSuccess)
                p7ecx->error = PORT_GetError();
            SEC_ASN1EncoderClearNotifyProc(p7ecx->ecx); /* no need to get notified anymore */
        }
    } else {
        /* we're still in the root message */
        if (after && dest == &(rootcinfo->contentType)) {
            /* got the content type OID now - so find out the type tag */
            p7ecx->type = NSS_CMSContentInfo_GetContentTypeTag(rootcinfo);
            /* set up a pointer to our current content */
            p7ecx->content = rootcinfo->content;
        }
    }
}

/*
 * nss_cms_before_data - setup the current encoder to receive data
 */
static SECStatus
nss_cms_before_data(NSSCMSEncoderContext *p7ecx)
{
    SECStatus rv;
    SECOidTag childtype;
    NSSCMSContentInfo *cinfo;
    NSSCMSEncoderContext *childp7ecx;
    const SEC_ASN1Template *template;

    /* call _Encode_BeforeData handlers */
    switch (p7ecx->type) {
        case SEC_OID_PKCS7_SIGNED_DATA:
            /* we're encoding a signedData, so set up the digests */
            rv = NSS_CMSSignedData_Encode_BeforeData(p7ecx->content.signedData);
            break;
        case SEC_OID_PKCS7_DIGESTED_DATA:
            /* we're encoding a digestedData, so set up the digest */
            rv = NSS_CMSDigestedData_Encode_BeforeData(p7ecx->content.digestedData);
            break;
        case SEC_OID_PKCS7_ENVELOPED_DATA:
            rv = NSS_CMSEnvelopedData_Encode_BeforeData(p7ecx->content.envelopedData);
            break;
        case SEC_OID_PKCS7_ENCRYPTED_DATA:
            rv = NSS_CMSEncryptedData_Encode_BeforeData(p7ecx->content.encryptedData);
            break;
        default:
            if (NSS_CMSType_IsWrapper(p7ecx->type)) {
                rv = NSS_CMSGenericWrapperData_Encode_BeforeData(p7ecx->type,
                                                                 p7ecx->content.genericData);
            } else {
                rv = SECFailure;
            }
    }
    if (rv != SECSuccess)
        return SECFailure;

    /* ok, now we have a pointer to cinfo */
    /* find out what kind of data is encapsulated */

    cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
    childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);

    if (NSS_CMSType_IsWrapper(childtype)) {
        /* in these cases, we need to set up a child encoder! */
        /* create new encoder context */
        childp7ecx = PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
        if (childp7ecx == NULL)
            return SECFailure;

        /* the CHILD encoder needs to hand its encoded data to the CURRENT encoder
         * (which will encrypt and/or digest it)
         * this needs to route back into our update function
         * which finds the lowest encoding context & encrypts and computes digests */
        childp7ecx->type = childtype;
        childp7ecx->content = cinfo->content;
        /* use the non-recursive update function here, of course */
        childp7ecx->output.outputfn = (NSSCMSContentCallback)nss_cms_encoder_update;
        childp7ecx->output.outputarg = p7ecx;
        childp7ecx->output.destpoolp = NULL;
        childp7ecx->output.dest = NULL;
        childp7ecx->cmsg = p7ecx->cmsg;
        childp7ecx->ecxupdated = PR_FALSE;
        childp7ecx->childp7ecx = NULL;

        template = NSS_CMSUtil_GetTemplateByTypeTag(childtype);
        if (template == NULL)
            goto loser; /* cannot happen */

        /* now initialize the data for encoding the first third */
        switch (childp7ecx->type) {
            case SEC_OID_PKCS7_SIGNED_DATA:
                rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
                break;
            case SEC_OID_PKCS7_ENVELOPED_DATA:
                rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
                break;
            case SEC_OID_PKCS7_DIGESTED_DATA:
                rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
                break;
            case SEC_OID_PKCS7_ENCRYPTED_DATA:
                rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
                break;
            default:
                rv = NSS_CMSGenericWrapperData_Encode_BeforeStart(childp7ecx->type,
                                                                  cinfo->content.genericData);
                break;
        }
        if (rv != SECSuccess)
            goto loser;

        /*
         * Initialize the BER encoder.
         */
        childp7ecx->ecx = SEC_ASN1EncoderStart(cinfo->content.pointer, template,
                                               nss_cms_encoder_out, &(childp7ecx->output));
        if (childp7ecx->ecx == NULL)
            goto loser;

        /*
         * Indicate that we are streaming.  We will be streaming until we
         * get past the contents bytes.
         */
        if (!cinfo->privateInfo || !cinfo->privateInfo->dontStream)
            SEC_ASN1EncoderSetStreaming(childp7ecx->ecx);

        /*
         * The notify function will watch for the contents field.
         */
        p7ecx->childp7ecx = childp7ecx;
        SEC_ASN1EncoderSetNotifyProc(childp7ecx->ecx, nss_cms_encoder_notify,
                                     childp7ecx);

        /* please note that we are NOT calling SEC_ASN1EncoderUpdate here to kick off the */
        /* encoding process - we'll do that from the update function instead */
        /* otherwise we'd be encoding data from a call of the notify function of the */
        /* parent encoder (which would not work) */

    } else if (NSS_CMSType_IsData(childtype)) {
        p7ecx->childp7ecx = NULL;
    } else {
        /* we do not know this type */
        p7ecx->error = SEC_ERROR_BAD_DER;
    }

    return SECSuccess;

loser:
    if (childp7ecx) {
        if (childp7ecx->ecx)
            SEC_ASN1EncoderFinish(childp7ecx->ecx);
        PORT_Free(childp7ecx);
        p7ecx->childp7ecx = NULL;
    }
    return SECFailure;
}

static SECStatus
nss_cms_after_data(NSSCMSEncoderContext *p7ecx)
{
    SECStatus rv = SECFailure;

    switch (p7ecx->type) {
        case SEC_OID_PKCS7_SIGNED_DATA:
            /* this will finish the digests and sign */
            rv = NSS_CMSSignedData_Encode_AfterData(p7ecx->content.signedData);
            break;
        case SEC_OID_PKCS7_ENVELOPED_DATA:
            rv = NSS_CMSEnvelopedData_Encode_AfterData(p7ecx->content.envelopedData);
            break;
        case SEC_OID_PKCS7_DIGESTED_DATA:
            rv = NSS_CMSDigestedData_Encode_AfterData(p7ecx->content.digestedData);
            break;
        case SEC_OID_PKCS7_ENCRYPTED_DATA:
            rv = NSS_CMSEncryptedData_Encode_AfterData(p7ecx->content.encryptedData);
            break;
        default:
            if (NSS_CMSType_IsWrapper(p7ecx->type)) {
                rv = NSS_CMSGenericWrapperData_Encode_AfterData(p7ecx->type,
                                                                p7ecx->content.genericData);
            } else {
                rv = SECFailure;
            }
            break;
    }
    return rv;
}

/*
 * nss_cms_encoder_work_data - process incoming data
 *
 * (from the user or the next encoding layer)
 * Here, we need to digest and/or encrypt, then pass it on
 */
static SECStatus
nss_cms_encoder_work_data(NSSCMSEncoderContext *p7ecx, SECItem *dest,
                          const unsigned char *data, unsigned long len,
                          PRBool final, PRBool innermost)
{
    unsigned char *buf = NULL;
    SECStatus rv;
    NSSCMSContentInfo *cinfo;

    rv = SECSuccess; /* may as well be optimistic */

    /*
     * We should really have data to process, or we should be trying
     * to finish/flush the last block.  (This is an overly paranoid
     * check since all callers are in this file and simple inspection
     * proves they do it right.  But it could find a bug in future
     * modifications/development, that is why it is here.)
     */
    PORT_Assert((data != NULL && len) || final);

    /* we got data (either from the caller, or from a lower level encoder) */
    cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
    if (!cinfo) {
        /* The original programmer didn't expect this to happen */
        p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
        return SECFailure;
    }

    /* Update the running digest. */
    if (len && cinfo->privateInfo && cinfo->privateInfo->digcx != NULL)
        NSS_CMSDigestContext_Update(cinfo->privateInfo->digcx, data, len);

    /* Encrypt this chunk. */
    if (cinfo->privateInfo && cinfo->privateInfo->ciphcx != NULL) {
        unsigned int inlen;  /* length of data being encrypted */
        unsigned int outlen; /* length of encrypted data */
        unsigned int buflen; /* length available for encrypted data */

        inlen = len;
        buflen = NSS_CMSCipherContext_EncryptLength(cinfo->privateInfo->ciphcx,
                                                    inlen, final);
        if (buflen == 0) {
            /*
             * No output is expected, but the input data may be buffered
             * so we still have to call Encrypt.
             */
            rv = NSS_CMSCipherContext_Encrypt(cinfo->privateInfo->ciphcx, NULL, NULL, 0,
                                              data, inlen, final);
            if (final) {
                len = 0;
                goto done;
            }
            return rv;
        }

        if (dest != NULL)
            buf = (unsigned char *)PORT_ArenaAlloc(p7ecx->cmsg->poolp, buflen);
        else
            buf = (unsigned char *)PORT_Alloc(buflen);

        if (buf == NULL) {
            rv = SECFailure;
        } else {
            rv = NSS_CMSCipherContext_Encrypt(cinfo->privateInfo->ciphcx, buf,
                                              &outlen, buflen,
                                              data, inlen, final);
            data = buf;
            len = outlen;
        }
        if (rv != SECSuccess)
            /* encryption or malloc failed? */
            return rv;
    }

    /*
     * at this point (data,len) has everything we'd like to give to the CURRENT encoder
     * (which will encode it, then hand it back to the user or the parent encoder)
     * We don't encode the data if we're innermost and we're told not to include the data
     */
    if (p7ecx->ecx != NULL && len &&
        (!innermost || cinfo->rawContent != cinfo->content.pointer))
        rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, (const char *)data, len);

done:

    if (cinfo->privateInfo && cinfo->privateInfo->ciphcx != NULL) {
        if (dest != NULL) {
            dest->data = buf;
            dest->len = len;
        } else if (buf != NULL) {
            PORT_Free(buf);
        }
    }
    return rv;
}

/*
 * nss_cms_encoder_update - deliver encoded data to the next higher level
 *
 * no recursion here because we REALLY want to end up at the next higher encoder!
 */
static SECStatus
nss_cms_encoder_update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
{
    /* XXX Error handling needs help.  Return what?  Do "Finish" on failure? */
    return nss_cms_encoder_work_data(p7ecx, NULL, (const unsigned char *)data,
                                     len, PR_FALSE, PR_FALSE);
}

/*
 * NSS_CMSEncoder_Start - set up encoding of a CMS message
 *
 * "cmsg" - message to encode
 * "outputfn", "outputarg" - callback function for delivery of DER-encoded output
 *                           will not be called if NULL.
 * "dest" - if non-NULL, pointer to SECItem that will hold the DER-encoded output
 * "destpoolp" - pool to allocate DER-encoded output in
 * "pwfn", pwfn_arg" - callback function for getting token password
 * "decrypt_key_cb", "decrypt_key_cb_arg" - callback function for getting bulk key for encryptedData
 * "detached_digestalgs", "detached_digests" - digests from detached content
 */
NSSCMSEncoderContext *
NSS_CMSEncoder_Start(NSSCMSMessage *cmsg,
                     NSSCMSContentCallback outputfn, void *outputarg,
                     SECItem *dest, PLArenaPool *destpoolp,
                     PK11PasswordFunc pwfn, void *pwfn_arg,
                     NSSCMSGetDecryptKeyCallback decrypt_key_cb, void *decrypt_key_cb_arg,
                     SECAlgorithmID **detached_digestalgs, SECItem **detached_digests)
{
    NSSCMSEncoderContext *p7ecx;
    SECStatus rv;
    NSSCMSContentInfo *cinfo;
    SECOidTag tag;

    NSS_CMSMessage_SetEncodingParams(cmsg, pwfn, pwfn_arg, decrypt_key_cb, decrypt_key_cb_arg,
                                     detached_digestalgs, detached_digests);

    p7ecx = (NSSCMSEncoderContext *)PORT_ZAlloc(sizeof(NSSCMSEncoderContext));
    if (p7ecx == NULL) {
        PORT_SetError(SEC_ERROR_NO_MEMORY);
        return NULL;
    }

    p7ecx->cmsg = cmsg;
    p7ecx->output.outputfn = outputfn;
    p7ecx->output.outputarg = outputarg;
    p7ecx->output.dest = dest;
    p7ecx->output.destpoolp = destpoolp;
    p7ecx->type = SEC_OID_UNKNOWN;

    cinfo = NSS_CMSMessage_GetContentInfo(cmsg);

    tag = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
    switch (tag) {
        case SEC_OID_PKCS7_SIGNED_DATA:
            rv = NSS_CMSSignedData_Encode_BeforeStart(cinfo->content.signedData);
            break;
        case SEC_OID_PKCS7_ENVELOPED_DATA:
            rv = NSS_CMSEnvelopedData_Encode_BeforeStart(cinfo->content.envelopedData);
            break;
        case SEC_OID_PKCS7_DIGESTED_DATA:
            rv = NSS_CMSDigestedData_Encode_BeforeStart(cinfo->content.digestedData);
            break;
        case SEC_OID_PKCS7_ENCRYPTED_DATA:
            rv = NSS_CMSEncryptedData_Encode_BeforeStart(cinfo->content.encryptedData);
            break;
        default:
            if (NSS_CMSType_IsWrapper(tag)) {
                rv = NSS_CMSGenericWrapperData_Encode_BeforeStart(tag,
                                                                  p7ecx->content.genericData);
            } else {
                rv = SECFailure;
            }
            break;
    }
    if (rv != SECSuccess) {
        PORT_Free(p7ecx);
        return NULL;
    }

    /* Initialize the BER encoder.
     * Note that this will not encode anything until the first call to SEC_ASN1EncoderUpdate */
    p7ecx->ecx = SEC_ASN1EncoderStart(cmsg, NSSCMSMessageTemplate,
                                      nss_cms_encoder_out, &(p7ecx->output));
    if (p7ecx->ecx == NULL) {
        PORT_Free(p7ecx);
        return NULL;
    }
    p7ecx->ecxupdated = PR_FALSE;

    /*
     * Indicate that we are streaming.  We will be streaming until we
     * get past the contents bytes.
     */
    if (!cinfo->privateInfo || !cinfo->privateInfo->dontStream)
        SEC_ASN1EncoderSetStreaming(p7ecx->ecx);

    /*
     * The notify function will watch for the contents field.
     */
    SEC_ASN1EncoderSetNotifyProc(p7ecx->ecx, nss_cms_encoder_notify, p7ecx);

    /* this will kick off the encoding process & encode everything up to the content bytes,
     * at which point the notify function sets streaming mode (and possibly creates
     * a child encoder). */
    p7ecx->ecxupdated = PR_TRUE;
    if (SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0) != SECSuccess) {
        PORT_Free(p7ecx);
        return NULL;
    }

    return p7ecx;
}

/*
 * NSS_CMSEncoder_Update - take content data delivery from the user
 *
 * "p7ecx" - encoder context
 * "data" - content data
 * "len" - length of content data
 *
 * need to find the lowest level (and call SEC_ASN1EncoderUpdate on the way down),
 * then hand the data to the work_data fn
 */
SECStatus
NSS_CMSEncoder_Update(NSSCMSEncoderContext *p7ecx, const char *data, unsigned long len)
{
    SECStatus rv;
    NSSCMSContentInfo *cinfo;
    SECOidTag childtype;

    if (p7ecx->error)
        return SECFailure;

    /* hand data to the innermost decoder */
    if (p7ecx->childp7ecx) {
        /* tell the child to start encoding, up to its first data byte, if it
         * hasn't started yet */
        if (!p7ecx->childp7ecx->ecxupdated) {
            p7ecx->childp7ecx->ecxupdated = PR_TRUE;
            if (SEC_ASN1EncoderUpdate(p7ecx->childp7ecx->ecx, NULL, 0) != SECSuccess)
                return SECFailure;
        }
        /* recursion here */
        rv = NSS_CMSEncoder_Update(p7ecx->childp7ecx, data, len);
    } else {
        /* we are at innermost decoder */
        /* find out about our inner content type - must be data */
        cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
        if (!cinfo) {
            /* The original programmer didn't expect this to happen */
            p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
            return SECFailure;
        }

        childtype = NSS_CMSContentInfo_GetContentTypeTag(cinfo);
        if (!NSS_CMSType_IsData(childtype))
            return SECFailure;
        /* and we must not have preset data */
        if (cinfo->content.data != NULL)
            return SECFailure;

        /*  hand it the data so it can encode it (let DER trickle up the chain) */
        rv = nss_cms_encoder_work_data(p7ecx, NULL, (const unsigned char *)data,
                                       len, PR_FALSE, PR_TRUE);
    }
    return rv;
}

/*
 * NSS_CMSEncoder_Cancel - stop all encoding
 *
 * we need to walk down the chain of encoders and the finish them from the innermost out
 */
SECStatus
NSS_CMSEncoder_Cancel(NSSCMSEncoderContext *p7ecx)
{
    SECStatus rv = SECFailure;

    /* XXX do this right! */

    /*
     * Finish any inner decoders before us so that all the encoded data is flushed
     * This basically finishes all the decoders from the innermost to the outermost.
     * Finishing an inner decoder may result in data being updated to the outer decoder
     * while we are already in NSS_CMSEncoder_Finish, but that's allright.
     */
    if (p7ecx->childp7ecx) {
        rv = NSS_CMSEncoder_Cancel(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
                                                       /* remember rv for now */
#ifdef CMSDEBUG
        if (rv != SECSuccess) {
            fprintf(stderr, "Fail to cancel inner encoder\n");
        }
#endif
    }

    /*
     * On the way back up, there will be no more data (if we had an
     * inner encoder, it is done now!)
     * Flush out any remaining data and/or finish digests.
     */
    rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
    if (rv != SECSuccess)
        goto loser;

    p7ecx->childp7ecx = NULL;

    /* kick the encoder back into working mode again.
     * We turn off streaming stuff (which will cause the encoder to continue
     * encoding happily, now that we have all the data (like digests) ready for it).
     */
    SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
    SEC_ASN1EncoderClearStreaming(p7ecx->ecx);

    /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
    rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);

loser:
    SEC_ASN1EncoderFinish(p7ecx->ecx);
    PORT_Free(p7ecx);
    return rv;
}

/*
 * NSS_CMSEncoder_Finish - signal the end of data
 *
 * we need to walk down the chain of encoders and the finish them from the innermost out
 */
SECStatus
NSS_CMSEncoder_Finish(NSSCMSEncoderContext *p7ecx)
{
    SECStatus rv = SECFailure;
    NSSCMSContentInfo *cinfo;

    /*
     * Finish any inner decoders before us so that all the encoded data is flushed
     * This basically finishes all the decoders from the innermost to the outermost.
     * Finishing an inner decoder may result in data being updated to the outer decoder
     * while we are already in NSS_CMSEncoder_Finish, but that's allright.
     */
    if (p7ecx->childp7ecx) {
        /* tell the child to start encoding, up to its first data byte, if it
         * hasn't yet */
        if (!p7ecx->childp7ecx->ecxupdated) {
            p7ecx->childp7ecx->ecxupdated = PR_TRUE;
            rv = SEC_ASN1EncoderUpdate(p7ecx->childp7ecx->ecx, NULL, 0);
            if (rv != SECSuccess) {
                NSS_CMSEncoder_Finish(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
                goto loser;
            }
        }
        rv = NSS_CMSEncoder_Finish(p7ecx->childp7ecx); /* frees p7ecx->childp7ecx */
        if (rv != SECSuccess)
            goto loser;
    }

    /*
     * On the way back up, there will be no more data (if we had an
     * inner encoder, it is done now!)
     * Flush out any remaining data and/or finish digests.
     */
    rv = nss_cms_encoder_work_data(p7ecx, NULL, NULL, 0, PR_TRUE, (p7ecx->childp7ecx == NULL));
    if (rv != SECSuccess)
        goto loser;

    p7ecx->childp7ecx = NULL;

    cinfo = NSS_CMSContent_GetContentInfo(p7ecx->content.pointer, p7ecx->type);
    if (!cinfo) {
        /* The original programmer didn't expect this to happen */
        p7ecx->error = SEC_ERROR_LIBRARY_FAILURE;
        rv = SECFailure;
        goto loser;
    }
    SEC_ASN1EncoderClearTakeFromBuf(p7ecx->ecx);
    SEC_ASN1EncoderClearStreaming(p7ecx->ecx);
    /* now that TakeFromBuf is off, this will kick this encoder to finish encoding */
    rv = SEC_ASN1EncoderUpdate(p7ecx->ecx, NULL, 0);

    if (p7ecx->error)
        rv = SECFailure;

loser:
    SEC_ASN1EncoderFinish(p7ecx->ecx);
    PORT_Free(p7ecx);
    return rv;
}